Hello... I've build an EXE file to be run in a 32bit version of Windows, using pp on a fresh install of Strawberry in a WinXP x86 virtual machine that I have in my Win10 x64 PC. To test the build, I copied the EXE to my real machine and suddently all stopped. Windows Defender deleted the EXE and notified me that a virus was detected: "Trojan:Win32/Skeeyah.A!rfn". I tried copying the file previously renamed to ZIP, and it was also deleted. Argh!
AFAIK, pp generates an EXE that has two parts: a runtime and a directory structure with all the modules dependencies that it is extracted to a temp dir cache. When the EXE is renamed to ZIP, only some of the files are available to extract into a folder. So, I unpacked the ZIP contents to a folder in WinXP, repacked it again and copied that recompressed folder to Win10 successfully, and also extracted all the files... it was not one of that group. Then I did the same with the cache folders I've found in WinXP, and copied them successfully again. So, there is something extra in the original EXE that has a signature that Windows Defender recognizes as a virus/trojan.
What other thing could I do to bypass this issue? I don't think that PAR::Packer is generating a "corrupted" EXE, at least I suppose that my WinXP VM is not infected and PAR is being an inocent victim of it.