I tried it on a VM, it did work. [WIN + R] opens the run app down left in the left corner.

[CRTL + V] pastes a small code snippet in the run app and once [ENTER] is pressed it closes the run app and in the background downloads and executes a larger code snippet from a malicious website.

So if you press exactly what they told you to press it would install a malware on your computer. Now this typically targets people that don't even know what the run app is.