I think I said " Any .exe file will probably be flagged "
And yes it is true that many Virus protection programs do use the Microsoft approved list on .EXE files. Some people will complain that a program is safe, and if enough people do that the Virus protection company may or may not take the time to test the program. Those will get a possible unsafe warning, but not and instant quarantine.
But I understand you fear of false Conspiracy or your troll post to see if I would bite.
But it all does sort of boil down to the Protection program, some are better than other's and some just ban anything that they don't have on there approval list.
The bullshit conspiracy mongering is you claiming that Microsoft would engage in blatantly false flagging of files to extort money, the weasel wording to try and get out of it when called on that bullshit not withstanding. Any good conspiracy spouter I've run into so far pulls the same What If stunt and then gets indignant when called out on it because they never stated a fact just a What If. So it is not a troll, it is you being called out for trying to peddle the bullshit conspiracy theory that Microsoft would blatantly false flag files to extort money.
If you don't like being called a conspiracy nutjob don't behave like one. And that includes trying to claim I can be ignored by asserting I'm a troll for daring to point out your behavior cannot be distinguished from the run of the mill conspiracy mongers. That just so happens to be standard fare for conspiracy mongers, asserting someone is a heckler that can be ignored without ever bringing proof of why they can be ignored other then the conspiracy monger saying so just because the so called heckler dares to expose them.
You also show a complete lack of understanding of how a virus scanner works.
They do not have white/blacklists not created by the end user as you imply for example; That is the way of endless litigation once the malware/virus peddlers find out about that when the reverse engineer that scanner (and yes they do that, it isn't trivial but worth the time invested to understand the enemy) and start pushing their wares through that hole. What happens is that they look for another distinct snippet of code and use that as fingerprint instead if a big enough product gets false flagged.
The closest that comes to whitelisting is code signing, and yes you need to pay Microsoft, or any organization Microsoft approved for code signing, for that. Why isn't it the same, well you get a finger print file of the code that has been signed and if the code doesn't map to that fingerprint you get the complaint and/or warning popups (and not a delete/quarantine of the file in question). It also means that every single time there is a change to the underlying code you need to get it signed again.
Similarly it seems you are conflating access control with how a virus scanner works. Access control is generally used on the enterprise level. Microsoft ships the option in Windows Defender (for enterprises) since Win10. What it does is prevent people from accessing files at all, not wipe them. It so happens you can let WDAC run on a reputation system, which is a form of white listing, for files not explicitly white/black listed or restricted by your organization. But that still would not result in said file being flagged as containing a virus/malware, it would just prevent the unauthorized from accessing the file.
P.s.: In this case it doesn't matter that some virus scanners use the Microsoft fingerprint database seeing that Microsoft gives WinGit 1.3.7 a clean bill of health. There are at least 5 other databases that ping on the git.exe though.
