go to post Mark-David McLa... · Dec 7, 2022 This is likely a false positive. Each Antivirus company comes up with their own algorithm to determine if an application may be malicious. These factors include the number of times they have seen the file. how it is installed, and if the file is digitally signed with an EV certificate. This means that new releases are more likely to be flagged by AV vendors as malicious as they build up a positive reputation score. InterSystems digitally signs our installer exe, but does not currently sign the unpacked msi. You can verify the validity of the exe by examining the properties of the file. If that file is signed by InterSystems, you can safely assume that McAffee is flagging this as a false positive. We are changing our release pipeline and are examining the benefits of signing the internal msi. We have reached out to McAffee to try to notify them of false positives, and they have asked that their customers directly contact them via a support case, they do not work with vendors such as InterSystems. In summary, if the original exe is signed, you can safely assume it is a false positive and create an exception with McAfee using the hash of the file.