The “WinUtil.Ink” shortcut is detected as “Trojan:Script/Phonzy.B!ml”

[FoxyLoon]

Describe the bug

Today, Windows Defender said that the shortcut “WinUtil.Ink” was a trojan.

I've had this shortcut for a long time. To create the shortcut, I ran the tool from the “Launch Command - Stable Branch (Recommended)” on the homepage and then clicked the button to create the shortcut on the desktop.

To Reproduce

Steps to reproduce the behavior: I haven't reproduced the bug. In fact, I haven't even opened the tool for a long time.

I suppose the closest thing to getting the same result is:

1. Run the command “irm ‘https://christitus.com/win’ | iex” from the home page;
2. Go to the “Config” category;
3. Create the shortcut;
4. Wait for Windows Defender to detect it as a virus? Or check with Windows Defender? I don't know...

Expected behavior

Not being caught as a Trojan and just existing in the desktop

Screenshots

(Note: The language below is Portuguese)

Quarantined:

Immediately after quarantine, it was deleted or blocked:

Additional context

I just opened the computer on a normal day and today it decided that the shortcut is a trojan. I didn't do anything special, it just happened. I didn't even open the shortcut.

[Atlantis-23]

I can confirm I have just received the same automatic quarantine of the "WinUtil.lnk" shortcut detecting it as "Trojan:Script/Phonzy.B!ml" stating "This program is dangerous and executes commands from an attacker."