by jbj 2137 days ago
"Some anti-virus products may falsely report OpenRCT2 being unsafe"

Nothing against this software, just pondering over this ... what would prevent malicious software from making a similar claim, and if we always trust the software we download, wouldn't that reduce the number of reasons to use antivirus software in the first place?

3 comments

I suspect it may relate to the way it accesses other executable file directories - it scans for the RCT2 data files, which are in another executable's folder structure, so rather than just sticking to the install folder and the shared documents area, it's looking at other files, which could reasonably trigger a virus scanner looking for "weird" behaviour.
Virus scanner false positives are slowly becoming my personal hell. From my experience, they aren’t even remotely as sophisticated as you suggest, but the fact that people believe that antivirus software can actually do this kind of analysis helps the vendors sell their snake oil. If they were triggered by any actual behavior, changing random compiler flags wouldn’t usually remove the false positive. But you have to do that kind of tinkering, or users will be scared.
False positives like this are 99% of the time based on (dubious) heuristics; you can usually see that from the name of the match, which will be very generic.

Semi-related note: AV tests of the last 2-3 years consistently show the Win10 built-in Windows Defender performing on par with or outperforming other AV products on security, and outperforming nearly all of them on performance.

Some antivirus seems to be just an allow list for programs. So the least-used software (like a program that you compiled 5s ago) is always marked as suspicious.