Windows Defender just jumpscared me with a trojan warning that was resolved "with errors". Currently running a several hour long full scan to see what the hell is going on.
Edit. So apparently after some spelunking, it's because some line of code in the .html file, which probably launches scripts, is used by malware developers to... well, launch scripts. the B!ml termination means that Windows Defender sees it as a "machine learning" code. Trojan:win32/wacatac.B!ml and Trojan:Script/Wacatac.B!ml are very common sources of false positives because of this.
Also because the code is in the .html file, which cannot autorun, it is clearly not there on malicious purpose.
I'm gonna trust the process, because a full scan by windows takes several days.