Extension gets detected as a trojan by ESET endpoint security

[kasthack]

ESET antivirus detects the last version as a trojan:

Log record:

C:\Users\<redacted>\.vscode-insiders\extensions\redhat.vscode-xml-0.26.2024031317-win32-x64\server\lemminx-win32.exe - ESET LiveGuard trojan - retained

Screenshot:

Extension version: v0.26.2024031808

VS Code version info:

Version: 1.88.0-insider (user setup)
Commit: 99a19815253d91900be5ec1016e0ecc7cc9a6950
Date: 2024-03-14T05:49:42.201Z (4 days ago)
Electron: 28.2.6
ElectronBuildId: 27476517
Chromium: 120.0.6099.291
Node.js: 18.18.2
V8: 12.0.267.19-electron.0
OS: Windows_NT x64 10.0.22621

Windows version:

Edition	Windows 11 Pro
Version	22H2
Installed on	‎10/‎13/‎2023
OS build	22621.3296
Experience	Windows Feature Experience Pack 1000.22687.1000.0

ESET version:

ESET Endpoint Security, Version 11.0.2044.0

Other:

• Virustotal looks clean

• Probably related to Error when booting extension on Mac Silicon #974

[fbricon]

So I tried to use their free "online" scanner (which is still a local executable) on a windows machine I have access to, but it just closes after downloading its database. So I get no report whatsoever.

@kasthack do you mind reporting this to ESET? They have instructions for false-positive detections: https://support.eset.com/en/kb141-submit-a-virus-website-or-potential-false-positive-sample-to-the-eset-lab