I then re-downloaded the file and submitted it to VT directly (it seems it does not scan URLs as I thought it would), I got 1 warning from dozens of tools.
I down loaded the file on 2 different computers, work, and home and have the same issue on both.
I just downloaded again from the github site above, ran through Virus Total and again comes up with suspicious malware highlight on red. An if I try to install Defender blocks it again.
Right now, all I know is when I try to install, Windows Defender will not let me install. I am downloading from the same site on 2 different computers and having the same issue. If I run this file through Jotti or Virus Total as suggested, I still get that the file has an issue.
Right. I also tested on 2 computers (a Windows laptop, a Linux PC), checked both the version I downloaded a week ago, and one I downloaded today (the two were identical), and got no reports.
Maybe get a bootable pendrive (that’s known to be clean, maybe ask a friend to create it for you), boot from that, and scan your PC. I cannot do more to investigate this: there were only the two heuristic ‘AI’ / ‘ML’ positives.
did you check the checksums of the downloaded package? If that matches the given checksum in the darktable release page (Release release 4.8.0 · darktable-org/darktable · GitHub), then the package is ok and you might ask your virus software provider to correct their detection
Can’t you just choose to ignore it if you are confident to do so…also there are several other recent threads on this that you can also review for feedback. I self compile to an exe package and install and it doesn’t trigger any warnings… so that could be a way to go if you are cautiously viewing this
When you uploaded it from your PC, Jotti created a link (just like the one posted above). Can you share that link? The screen then shows the SHA1 and MD5 hashes (unfortunately not the SHA256 that’s provided on the darktable site).
The file I downloaded from the darktable site has the following hashes:
This means Jotti really scanned the file that is published on the darktable site, and it reported absolutely no findings.
The virustotal scan report for that file (you can search by the SHA256 hash) is here (the long code at the end of the URL is the hash), and it only has the two ML/AI heuristic warnings, no actual scanner found any known pattern.
I installed darktable 4.8.0 on Windows 11 when it came out. There was a warning, like for all software that is downloaded from the internet. There is nothing to fix there. Only you can decide if you trust the developers and the community, or you don’t.