Hi,
Kindly check the comment from below link:
Microsoft Senior Threat Intelligence Analyst Kevin Beaumont confirmed the false positive on Twitter and stated that it should now be marked as such in the console. The bad signature causing the false positive has also been fixed, and admins should no longer see new alerts in Microsoft Defender Security Center.
Reference link:
Microsoft Defender ATP scars admins with false Cobalt Strike alerts
https://www.bleepingcomputer.com/news/microsoft/microsoft-defender-atp-scars-admins-with-false-cobalt-strike-alerts/
Please note: Information posted in the given link is hosted by a third party. Microsoft does not guarantee the accuracy and effectiveness of information.
Hope this helps and please help to accept as Answer if the response is useful.
Thanks,
Jenny