Prebuilt Release triggers Windows Threat Protection for Trojan.Win32/Occamy.C

[mgwilt]

It could be a false positive, but it happens nonetheless. Probably run this from source and run inside a container. Don't use the release.

[BradLugo]

There's a good chance this is happening due to the way @matt1484 compiled it. I'll get with him later today and test properly compiled executables on my Windows machine. I really appreciate that you brought this to our attention

[BradLugo]

I've also updated the release note to call out this issue for Windows users. When we rectify the issue, I'll write a post-mortem of sorts in this ticket.

[BradLugo]

After doing some research and testing, it seems this issue is experienced with any Go program that isn't signed. There's some information here: https://github.com/golang/go/issues/21611

To my knowledge, the only solution for this is to acquire a code signing certificate. The unfortunate truth is that these certs are prohibitively expensive unless the community wants to subsidize the cost.

You can either make an exception for this program or run it via the command line. My suggestion would be that we file another ticket to improve the readme with this information, but I'll defer to @matt1484 since he's the maintainer. We could also add a GitHub Sponsor button to the repo, but I'm not sure if enough people are interested in sponsoring a small, very niche project.

[matt1484]

Doesnt seem like there is anything we can do at this time so closing for now