DanysysTeam / PS-SFTA

PowerShell Set File Type Association

Windows Defender detects as malware #1

Closed IcemanND closed 3 years ago

IcemanND commented 3 years ago

When downloading the ZIP, or manually creating the SFTA.PS1 from the site, Windows Defender scans it and detects it as a trojan, specifically Wacatac.B!ml https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?name=Trojan%3aWin32%2fWacatac.B!ml&threatid=2147735505

Danyfirex commented 3 years ago

It's a false positive. It seems to be related to the functions for invoking the hash algorithm from memory: Get-DelegateType and Get-ProcAddress.

https://github.com/DanysysTeam/PS-SFTA/blob/5d5df8b5fc75830053a093a2da0ae068bc4cd5a6/SFTA.ps1#L264-L322

I think the only way to remove the false positive is to convert the hash algorithm to raw PowerShell code.
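The following is an added example for readers triaging a report like this one; it is not part of PS-SFTA and does not reproduce the project's hash routine. It shows two things a defender wants when a downloaded script is flagged: how to pull the actual Defender detection record for that file (using the real `Get-MpThreatDetection` and `Get-MpThreat` cmdlets, joining on the numeric ThreatID, which for Wacatac.B!ml is the 2147735505 in the encyclopedia link above), and what "raw PowerShell" hashing looks like when it goes only through the managed .NET `HashAlgorithm` API, with no dynamic delegate types and no GetProcAddress lookups of the kind the maintainer identifies as the trigger. SHA-256 is used purely as a stand-in algorithm, the `$ScriptPath` value is an assumed download location, and the expected-hash argument is a placeholder you must obtain from a trusted copy of the repository.

```powershell
# Added example (not project code): Defender false-positive triage plus
# managed-only hashing. Assumes Windows PowerShell 5.1 or PowerShell 7 on a
# host where the Defender module is available.

function Get-DefenderDetectionForFile {
    [CmdletBinding()]
    param([Parameter(Mandatory)][string]$Path)

    # GetFullPath does not require the file to exist; Defender may already
    # have quarantined it by the time you investigate.
    $full = [System.IO.Path]::GetFullPath($Path)

    # Map numeric ThreatID to its name (e.g. 2147735505 -> Trojan:Win32/Wacatac.B!ml).
    # Keys are stringified so the lookup does not depend on the CIM integer type.
    $names = @{}
    Get-MpThreat | ForEach-Object { $names[[string]$_.ThreatID] = $_.ThreatName }

    # Resources entries look like "file:_C:\path\to\SFTA.ps1".
    Get-MpThreatDetection |
        Where-Object { $_.Resources -match [regex]::Escape($full) } |
        ForEach-Object {
            [pscustomobject]@{
                Time       = $_.InitialDetectionTime
                ThreatID   = $_.ThreatID
                ThreatName = $names[[string]$_.ThreatID]
                Process    = $_.ProcessName
                Resources  = ($_.Resources -join '; ')
            }
        }
}

function Get-ManagedFileHash {
    # Hashing entirely through the managed .NET API: no Add-Type, no delegate
    # construction, no GetProcAddress. SHA-256 is only a stand-in here; the
    # project's own hash routine lives in the linked lines and is not reproduced.
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)][string]$Path,
        [string]$Algorithm = 'SHA256'
    )
    $bytes = [System.IO.File]::ReadAllBytes([System.IO.Path]::GetFullPath($Path))
    $algo  = [System.Security.Cryptography.HashAlgorithm]::Create($Algorithm)
    try {
        return ([System.BitConverter]::ToString($algo.ComputeHash($bytes))).Replace('-', '')
    }
    finally {
        $algo.Dispose()
    }
}

function Test-ScriptIntegrity {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)][string]$Path,
        [Parameter(Mandatory)][string]$ExpectedSha256   # from a trusted copy of the repo, never from the report
    )
    $actual  = Get-ManagedFileHash -Path $Path -Algorithm 'SHA256'
    # Cross-check against the built-in cmdlet; the two must agree.
    $builtin = (Get-FileHash -LiteralPath $Path -Algorithm SHA256).Hash
    [pscustomobject]@{
        Path            = $Path
        Sha256          = $actual
        MatchesBuiltin  = ($actual -eq $builtin)
        MatchesExpected = ($actual -eq $ExpectedSha256.ToUpperInvariant())
    }
}

# Usage (assumed path; replace the placeholder with a hash from a trusted source):
# $ScriptPath = "$env:USERPROFILE\Downloads\PS-SFTA\SFTA.ps1"
# Get-DefenderDetectionForFile -Path $ScriptPath
# Test-ScriptIntegrity -Path $ScriptPath -ExpectedSha256 '<SHA256 FROM TRUSTED COPY>'
```

The point of the first function is evidentiary: before treating a detection as a false positive, confirm which engine signature fired and on which file, rather than relying on the toast notification. The second function illustrates the maintainer's proposed remedy at the pattern level: managed cryptography called directly from PowerShell carries none of the reflective P/Invoke scaffolding (delegate type emission, procedure-address lookup) that ML-based heuristics such as the `!ml` suffix denotes tend to weight heavily, so a rewrite along these lines is the path most likely to clear the detection. If the hash from `Test-ScriptIntegrity` does not match the trusted value, the file should be treated as tampered regardless of what Defender says.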