POSWIZARD.exe false positive

[Joep]

POSWIZARD.exe is marked as ransomware. This is tool we use to update sql database after software updates of our software. More information about our software at www.clubprophet.com

Please let me know how I can submit the file in private. This is licenses software that I don't want to put here in the forum for the public.

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 04/01/2022
Scan Time: 02:24
Log File: 166bc9fc-6cfd-11ec-84d2-5a1eb66f2c95.json

-Software Information-
Version: 4.4.11.149
Components Version: 1.0.1513
Update Package Version: 1.0.49364
Licence: Premium

 

File: 
MachineLearning/Anomalous.100%, C:\PROGRAM FILES (X86)\POS PROPHET SYSTEMS\POSEXPRESSWS3\POSWIZARD.EXE, No Action By User, 0, 392687, 1.0.49364, , shuriken, , 00276689870C211475D3C7CB73DDE982, 1A1ADF8BCE3AE0285EE268887270E59C46F1DC049FA56C8077C2A4D7AA8A4543

 

[miekiemoes]

Hi,

This is detected by our MachineLearning engine, which helps to protect even better against 0day threats. Unfortunately, as this is a heuristic engine, it's possible False Positives happen. Also see here for more explanation: https://forums.malwarebytes.com/topic/238670-machinelearninganomalous-detections-and-explanation/
Thanks for reporting these, as this helps to finetune the engine, so these won't be detected in the future anymore.

This should be fixed by now. Please give it some time (max 10 minutes) in order to have it populate, so detection won't happen anymore.
 

[Joep]

Great! Thanks for the fast reply and resolution!