« on: Today at 01:48:05 pm »
I think it might have something to do with the fact the ZIP file contains not only IPS patches, but a C executable file and matching C source code file...
Right. It's picking up the embedded exe file. Binary patching executables are often detected as false positives because of the heuristics used by many scanning engines for potential threats. As the readme file describes, the exe should be the compiled version of the included source code.
It seems others have gotten this to work. Only one person tried to compile the source themselves, but did not succeed using Visual Studio Community Edition (no reason why given).
As Zynk pointed out, an original archive exists at the tripod link too.
It's doubtful that the exe is harmful and does anything beyond what it says it does. Based on the scan results and the fact that others have used it, it seems legit to me and nothing more than a false positive.
I don't know what's up with the one on this site tho. The contents might be the same for both here & that link
The .exe is byte for byte the same in both versions, so that should have no bearing on this topic. I've seen similar cases often through the years where people update archives several times on release day to fix mistakes, and they give no indication or notation on the changes or things fixed.