Blocked by Windows Defender SmartScreen

Question

Blocked by Windows Defender SmartScreen

博艺施 5

Why users downloading our company's software are blocked by Windows Defender SmartScreen, and why the blue small pop-up informs users that there may be a risk.

The installation package (.exe) is over 100 MB, and there are many of them. I don't know what to do, please give me some ideas for a solution.

Terri Masters 5 Reputation points

2026-05-21T21:56:19.98+00:00

I too have similar concerns. I have used Dexcom (Continious Glucose Monitor)many years and have done updates when told I need to. A few days ago, iI was again told I need to download my Dexcom Uploader. The software would not load and i was told the Microsoft Smart Defender would not allow the software to be downloaded to protect my computer. I have tried every solution to get around the block but nothing has worked. I called Dexcom and they said it was a Microsoft issue and to contact them. I said I am still using Win 10, 64 bit. They advised they didn't know how to solve my issue. I contacted Microsoft and was told it was a Dexcom issue and to contact them. I worked with someone from Dexcom for the third time all afternoon trying different ways to fix the problem. I am not a computer whiz by any definition. When it say "run by administrator, I have no idea what that means. I am 72 yrs old & I need my Dexcom to work as my blood sugars are out of control and I need to use it badly. Could you please assist me with getting through this block? I would greatly appreciate it. Thank you.
Terri Masters 5 Reputation points

2026-05-21T21:59:07.41+00:00

I forgot to mention I use Chrome as my browser. Although Microsoft Edge is downloaded on my computer, I haven't worked with Edge in over 10 years.
Lychee-Ng 20,620 Reputation points Microsoft External Staff Moderator

2026-05-22T06:30:21.9533333+00:00

Hi Terri Masters, just to make sure we are on the same page, is the file blocked while downloading, or already downloaded to PC and you couldn't run it? Since you mentioned "run by administrator" > this means you simply right click the downloaded installer and choose the option.

If the file was blocked during download, what was the exact phrasing and appearance of the block? Could you right-click the download file and allow it to download anyway? It'd be helpful if you can share the screenshot of it: press Windows + S keys > drag and drop to select the screenshot area > press Ctrl + C to copy > go back to this reply > Ctrl + V to paste > click Insert image (blue button). Since Windows 10 is end of support product, visuals would be better for more suitable answer.

3 answers

Your answer

Terri Masters 5 Reputation points

2026-05-21T21:56:19.98+00:00

I too have similar concerns. I have used Dexcom (Continious Glucose Monitor)many years and have done updates when told I need to. A few days ago, iI was again told I need to download my Dexcom Uploader. The software would not load and i was told the Microsoft Smart Defender would not allow the software to be downloaded to protect my computer. I have tried every solution to get around the block but nothing has worked. I called Dexcom and they said it was a Microsoft issue and to contact them. I said I am still using Win 10, 64 bit. They advised they didn't know how to solve my issue. I contacted Microsoft and was told it was a Dexcom issue and to contact them. I worked with someone from Dexcom for the third time all afternoon trying different ways to fix the problem. I am not a computer whiz by any definition. When it say "run by administrator, I have no idea what that means. I am 72 yrs old & I need my Dexcom to work as my blood sugars are out of control and I need to use it badly. Could you please assist me with getting through this block? I would greatly appreciate it. Thank you.
Terri Masters 5 Reputation points

2026-05-21T21:59:07.41+00:00

I forgot to mention I use Chrome as my browser. Although Microsoft Edge is downloaded on my computer, I haven't worked with Edge in over 10 years.
Lychee-Ng 20,620 Reputation points Microsoft External Staff Moderator

2026-05-22T06:30:21.9533333+00:00

Hi Terri Masters, just to make sure we are on the same page, is the file blocked while downloading, or already downloaded to PC and you couldn't run it? Since you mentioned "run by administrator" > this means you simply right click the downloaded installer and choose the option.

If the file was blocked during download, what was the exact phrasing and appearance of the block? Could you right-click the download file and allow it to download anyway? It'd be helpful if you can share the screenshot of it: press Windows + S keys > drag and drop to select the screenshot area > press Ctrl + C to copy > go back to this reply > Ctrl + V to paste > click Insert image (blue button). Since Windows 10 is end of support product, visuals would be better for more suitable answer.

Answer 1

Terri Masters 5

LN, A person from the medical device company called me this morning. He did some research and thought he found the solution and it worked!!!! Thank you very much for your time and assistance. I truly appreciate it!!! Terri Masters

Terri Masters 5 Reputation points

2026-05-22T21:37:04.7433333+00:00

I don't know how to end my question from further answers. I don't want someone to go to the trouble of answering since I have a solution. Thank you!

Answer 2

Hi 博艺施,

I understand the concern about the situation, and how troublesome this feels when there many installation packages involved. The Q&A Assist has given a very detailed analogy, but in simple terms, the warning appears because your installer currently has low or unknown reputation. So if you're the software publisher, here's what to do:

Sign all installers with a trusted code‑signing certificate and keep using the same certificate for every release
If possible, use an EV (Extended Validation) code‑signing certificate, which gains SmartScreen trust much faster
Host the installers on a stable, reputable HTTPS domain (avoid random download sites)
Keep the installer clean (no bundled or optional software that may look like PUA).

Unfortunatelly, there is no manual whitelist for SmartScreen. Reputation improves only over time as more users download and run the signed installer safely. The blue warning is expected for newer or niche software and should gradually disappear once reputation is built.

If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".

Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

Lychee-Ng 20,620 Reputation points Microsoft External Staff Moderator

2026-04-20T07:36:07.6266667+00:00

Hi 博艺施, if you have any other questions about this, feel free to ask.

But in short, what's happening because Windows Defender SmartScreen is reputation‑based, and your installer currently has low or unknown reputation. The direct fix is to code‑sign all installers with a trusted certificate (preferably an EV code‑signing certificate) and keep using the same certificate so SmartScreen reputation can build over time.

Unfortunately, there’s no way to manually whitelist this. Your users (if they trust you) have to click More info > Run anyway to let it launch. Once enough users download and run the signed installer safely, the warning will gradually disappear.

Answer 3

AI answer

Windows Defender SmartScreen is blocking or warning on the installer because it has low or unknown reputation, not necessarily because it is malicious.

SmartScreen evaluates downloads and installers using reputation-based checks:

Site and URL reputation
- SmartScreen checks the download URL against dynamic lists of reported phishing and malicious sites.
- If the hosting site or URL has poor or no reputation, SmartScreen may show a warning even if the file itself is not known to be malware.
File reputation ("not commonly downloaded")
- SmartScreen checks downloaded files against:
  - A list of known malicious software and unsafe programs.
  - A list of files that are well known and downloaded frequently.
- If the installer is new, not widely downloaded, or signed in an inconsistent way, SmartScreen may classify it as "unknown" and show a blue warning that the app "isn't commonly downloaded" or "might be risky".
- This is especially common for:
  - New versions of software.
  - Custom or niche business applications.
  - Large installers hosted on less-popular domains.
Behavior and other signals
- SmartScreen also considers download history, past antivirus results, and URL reputation to decide whether to warn.

What users see

For known malicious files or URLs, SmartScreen shows a strong block page and clearly states the file/site is unsafe.
For unknown or low-reputation files, SmartScreen shows a softer warning (blue or less severe) advising caution but still allowing users to proceed.

What can be done from the developer/company side Based on the provided information, there is no direct "whitelist" program for developers to submit installers just to avoid SmartScreen warnings. Instead:

Use consistent, trusted code signing
- Sign all executables and installers with a digital certificate issued by a trusted root authority.
- Use the same certificate consistently across releases.
- Over time, SmartScreen can build reputation for the signed publisher and the files.
Build reputation over time
- As more users download and run the installer without it being flagged as malicious, SmartScreen reputation improves.
- Popular, frequently downloaded files with clean history will eventually install without warnings.
Ensure the installer does not include unwanted or bundled software
- If the installer bundles software that meets criteria for unwanted software, it may be classified negatively. Review the criteria for unwanted applications and avoid bundling anything that could be considered PUA.
Verify hosting and distribution practices
- Host installers on reputable domains and over HTTPS.
- Avoid third-party download sites that may be associated with malware or unwanted software.
If the software is incorrectly detected as malware (not just "unknown")
- If SmartScreen or Defender classifies the installer as malicious, submit the file as a software developer for analysis and dispute the detection if necessary. Wait for the final determination and use the developer contact form if the result is unsatisfactory.

What can be done for end users

Users can bypass SmartScreen warnings for unknown but not malicious files by choosing the "Keep" / "Keep anyway" options in Microsoft Edge or by choosing to continue in App Installer, but this is not recommended unless they trust the source.
Enterprise admins can configure SmartScreen policies (for example, to prevent or allow bypassing warnings) via Group Policy or MDM, but this affects managed environments rather than changing the file’s reputation.

In summary, the warnings appear because the installers currently have low or unknown reputation in SmartScreen’s cloud service. The long-term solution is to:

Sign the installers with a trusted, consistent certificate.
Distribute them from reputable locations.
Allow reputation to build as more users download and run the software without security issues.

References:

AI-generated content may be incorrect. Read our transparency notes for more information.

Share via

Blocked by Windows Defender SmartScreen

3 answers

Your answer