I had that thought of "existing installers are sus..." but didn't connect to "fingerprinting it as malware". Makes sense.

Couple questions as savvy tech person but not working day-to-day in security/IT:

Would a regular home user with an old installer in their Downloads folder need to worry? (is a bad download file going to target looking for these old installers, then moving files around, etc?)

On the other hand, I could see corporate IT having the stronger case of proactively wanting to flag this installer if present on their systems.

[dead]