I see that I'm not the first person to report that the runner gets flagged as malware, viewtopic.php?f=14&t=12652&p=107579&hilit=malware#p107579 but in this case, I don't think Windows Defender is being excessively cautious… it's identified an actual Trojan that matches this file.Status: Active
Active threats have not been remediated and are running on your device.
Threat detected: Trojan:Win32/Wacatac.D8!ml
Alert level: Severe
Date: 9/26/2020 11:42 PM
Details: This program is dangerous and executes commands from an attacker.
I notice that the file is transferred via non-secure HTTP transfer; I can't tell whether the file was modified in transit or whether the file is corrupted on the server side. The MD5 of my copy of run500.exe is 97108dffcca9f20430ef5bc47cad7418.
May I suggest that the Adrift releases be uploaded to Github as "releases" so that they can be downloaded from Github via HTTPS? (I think it would be wise for adrift.co and forum.adrift.co to use HTTPS, but I recognize that this is easier said than done.)