Reducing Antivirus False Positives
bradytheinventor opened this issue · 0 comments
Most antivirus software is very aggressive, because false positives are much safer than false negatives! But even false positives can scare people away, so I follow these steps to make sure IMD is not falsely flagged as malicious:
- Submit exe to AV provider for analysis. I submit releases to Avast Threat Labs and Microsoft Security Intelligence to ensure they approve of the exe and will not flag it with their screening systems. I can't submit it to everyone, so I've picked the two most common.
- Manually compile pyinstaller from source, instead of using the precompiled wheel distributed by pip. This article has a pretty good guide. Pyinstaller results in far too many false positives, Nuitka is a better long-term solution.
- Try removing/adding upx (--noupx), sometimes that changes the exe signature enough to reduce detections. Not sure how much this actually helps. This has little effect and just slows down app startup.
- Get a code signing license so you don't have to submit to AV providers as often. Done.
- Use nuitka to transpile the app into C code and then compile. Actually compiling to C instead of bundling everything with pyinstaller will differentiate the app from other pyinstaller apps, maybe making it unique enough to avoid trust spillover from malicious pyinstaller apps. Nuitka still has false positives but it seems much better overall.
- Rewrite the app in C++, use Qt directly, and avoid all this nonsense. The best long-term solution, but lots of work.
(todo maybe start using the wiki for things like this)