I suppose their logic is sound, Though making it a *requirement* to enter a CC at install time, rather than merely suggesting it and allowing the user to skip, feels like a "dark design" to me.
To me AV software and the companies behind them sometimes feel shadier than actual malware. Though I'm biased because AV software has been an almost constant headache as a developer. We are constantly dealing with AV software detecting our software as some generic trojan malware. Trend Micro Business detects many of our 'reduced size' installers as malware (they are reduced in size by only installing a few files- our updater program runs the installers so we have it take care of creating symbolic links). Initially I was thinking it was suspicious because of the symlinks, but, then it should be flagging the updater. Not only that but their Trend Micro Housecall finds nothing, so I don't know why their different editions would be finding things different. Even stranger is that it was detecting the *existing* uninstallers for their installed version from April as malware too. Which is why I'm liable to blame Trend Micro for creating a crappy product throwing out stupid false positives.
On the other hand, as a developer you can pay for a "partnership" account with them and then submit your software so it never shows up as a false positive so part of me wonders if it's a racket.
Another fun one is that some of them don't even detect it as malware but just decide not to let it run without saying anything. So the updater program I ran runs the uninstaller to get ready to install the new version- and AVG just kinda blocks the process and it never exits, so the updater sits there forever. Better yet, it's impossible to even kill the uninstall process. I don't know what AVG is trying to do there but it doesn't make any sense, especially since it's not actually detecting anything.
Stupider still IMO is I found a workaround where it can still run it and not be blocked, so if it is a protection mechanism, pretty sure actual malware authors might figure it out too?
countless man hours sunk into screenshares for weird issues only to find that the AV product they are using has decided is the source. Then I try to contact them about it and they are trying to get me to sign up with some stupid paid partnership program so I can submit program files, (one at a time)... feels like a racket. "oy, be a real shame if your software was detected as a false positive, we can fix that for you- for a fee..."