AntonyCorbett / JWLMerge

Utility to merge jwlibrary backup files
MIT License
198 stars 33 forks

virustotal.com 4 engines rate the installer.exe as possible malware #48

Closed peter-altherr closed 3 years ago

peter-altherr commented 3 years ago

hello antony,

while searching for a solution how to migrate jw library metro app from one windows machine to a different one i found jwlmerge. whenever i am about to try out a new (windows) software first step is to upload the file at virustotal. a quick check brought 4 (not that commonly known) av-engines to drop an alarm. so i am a little concerned about installing it. can you comment on this?

https://www.virustotal.com/gui/file/cef9900cfdc318b253f06b45ac139080d54700a7cee7fa7e09412e188638098e/detection

thanks a lot and greetings to the uk :-) peter

AntonyCorbett commented 3 years ago

@peter-altherr Hi Peter. Thanks for your message. It is an ongoing problem - as malware distributors become smarter at hiding malicious code in Win32 and .NET apps the AV suppliers introduce more cunning detection algorithms which add to the "false positive" rates. Generally large software companies can get around this by code-signing installers ($$) and submitting builds to AV suppliers. Also the more popular an application is, the quicker these are whitelisted by the AV companies. A small app like JwlMerge will always raise a few alerts on VirusTotal. It's not a commercial app, so I don't want to spend money on a code-signing cert nor do I have the time to submit builds to AV companies. I suppose there is some comfort in knowing that it is open-source - the code is available to anyone to inspect and build. Hope this helps.

peter-altherr commented 3 years ago

@AntonyCorbett hi antony, thank you very much for the comprehensive explanation. absolutely reasonable. as i do not develop software i do not know if there are free (in terms of money) code signing certs. so i will give it a try.