I am a software developer. I write and sell a (Visual C++) software product. I have just released a new version of my software. First in years. Customers buy a licence and download the software from the Internet. I've had my share of false positives from AV programs in the past and have done everything we can to avoid that happening. Actually recently it seemed to have got much better. We always have a valid code signing certificate and we always sign both the program itself and the installation program. The following happened when we just released a new version of the software.
(1) If a customer using Microsoft Edge clicked on the download button to download the installation program from an Amazon S3 bucket, Microsoft Defender SmartScreen put up a big red screen saying "THIS SITE HAS BEEN REPORTED AS UNSAFE" (in big letters). It gives the name of the download site (our bucket) and then says "Microsoft recommends you don't continue to this site. It has been reported to Microsoft for containing harmful programs that may try to steal personal or financial information". This of course is nonsense. We have reported this several times, but it's still happening.
(2) If you downloaded the software using another browser, when you tried to run it, Windows Defender said it contained a trojan virus. We had previously submitted the file to VirusTotal and all 64 AV programs had pronounced it clean. We of course at once submitted the file to Windows Defender, and to be fair they responded quite quickly. Windows Defender (in its updated virus definitions at least) no longer is reporting any problems with the file.
(3) However, now if you download the file on a web browser (other than Microsoft Edge because they're still blocking it), when you come to run it, you get another screen (blue this time) from Microsoft Defender Smartscreen which says "WINDOWS PROTECTED YOUR PC" (in big letters). And then says "Microsoft Defender SmartScreen prevented an unrecognised app from starting. Running this app might put your PC at risk".
It has been doing this last one for ages. I have tried reporting all of these issues to Microsoft every way I can think of. I have submitted numerous files. I have given all the information I can think of about myself and my company. We have been around for over 20 years. We have been using code signed certificates for a very long time (can't remember when we started doing that).
WHAT CAN WE DO TO STOP THIS HAPPENING?
We have tried contacting Microsoft support. We just get passed from one team to another. We have tried going via our Microsoft representative that get our MSDN sub and software licences from. They say they can't help. We have looked everywhere on the Internet for help and advice. This is damaging our business. Our customers are understandably very concerned and complaining. What are we supposed to do?