Interesting. Makes you wonder why even well known ones are not at least flagged by more or most A/V products except perhaps ones considered legit, but even those ought to at least be announced in some way.

And I do agree with the multi layer approach, though most home users are unlikely to do this in a viable way. So many home users, even if they have AV and firewalls, often have them without needed signature file updates, with old versions of software and worse. Where I live I can usually find at least one or two unencrypted wifi routers, and most others don't have WPA2, etc. And most people I know don't let windows update run, and don't check other software with tools like PSI.

I give one of my children, now in college, a real hard time about running updates. Needless to say, I'm not doing a 15 hour round trip drive every month for this! And I still have a web monitor tool on this now 18 year old's laptop to try and improve the odds of it not going to dangerous web sites.