Did we miss the egg of Columbus? Indeed for MS Security I found: <https://github.com/MicrosoftDocs/microsoft-365-docs/blob/public/microsoft-365/security/defender/m365d-autoir-report-false-positives-negatives.md>
and probably we have to go for Report a false positive/negative to Microsoft, considering the subcase "File or app on a device" <https://www.microsoft.com/en-us/wdsi/filesubmission/> Here there are several possibilities... maybe the most appropriate choice would be "submit as software developer" (which I'm not, but I don't mind to pretend if I can contribute to the cause). Going for that path, MS lawyers-bot come in and ask you to accept: `Windows Defender Security Intelligence needs your permission to: View your basic profile Windows Defender Security Intelligence will be able to see your basic profile (name, picture, user name). View your email address Windows Defender Security Intelligence will be able to read your primary email address. Maintain access to data you have given Windows Defender Security Intelligence access to Allows Windows Defender Security Intelligence to see and update the data you gave it access to, even when you are not currently using the app. This does not give Windows Defender Security Intelligence any additional permissions. Accepting these permissions means that you allow this app to use your data as specified in their terms of service and privacy statement. The publisher has not provided links to their terms for you to review. You can change these permissions at https://microsoft.com/consent. Show details` This is something I could do with my Microsoft home account (I'm not sure what "developer" means for MS in this context). So I moved on, accepting requests, after logging with my personal Windows (free) account and then I have some field to fill-in, including corporate (I'm not). I can possibly fill in the field with dummy stuff, but then I'm not sure it will be properly handled. So I probably should go for the path submit as Home Customer. Here less mandatory fields. But then what files? We know it's a moving target. In my home PC, the last malware detection (I ignored all of them) appeared when I installed 1.4.8 choosenim and is reporting: nimble.exe, nimgrep.exe, testament.exe, vcc.exe. I can submit all of them in 4 separate submissions, but probably I should target choosenim installing1.6.6. Then I can add something more meaningful information in the notes (any suggestion?)... if we think is the appropriate path, we can ask all the windows user in Nim community to do the same, either with Home Customer, like me (no, I'm not willing to play with my work PC, they have this "smart" anti-malware agents that can lock your PC out from corporate VPN, it happened to a lots of colleague of mine, not for Nim, but for other suspicious software), or with Corporate Account. I believe that submission as developer might be considered more seriously, but maybe I'm wrong. **Probably a coordinate effort would be more productive.** We should avoid that our submissions are all dropped as noise / spam (very likely), and hope to reach some human brain "smart and kind enough" to digest the right information properly. Putting only some specific binaries in a whitelist will not solve the problem. They should remove some inappropriate "fingerprint" left by Nim compiler since 1.4.8 from their flawed heuristic.
