Antivirus False Positive Report - Onyx Workspace

Why is my antivirus flagging Onyx Workspace?

TL;DR: It's a false positive. Onyx Workspace is completely safe - it's being flagged because it's a new application without an expensive code signing certificate.

Common Detections Explained

Avast: "Evogen" Detection

What you'll see: Avast flags the installer or executable as "Evogen"

What this means:

  • Evogen is Avast's generic name for "potentially unwanted programs" or unknown executables
  • It's not actual malware - it's a catch-all category for files Avast doesn't recognize
  • This happens to thousands of legitimate applications daily, especially new indie software

Why it happens:

  • Onyx Workspace is a new application with no "reputation history"
  • The executable isn't signed with an expensive certificate
  • Avast's heuristics flag unknown desktop applications as potentially suspicious

SkyHigh SWG (Secure Web Gateway)

What you'll see: Corporate networks or enterprise antivirus blocking the download

What this means:

  • SkyHigh is an enterprise security solution used by companies
  • SWG (Secure Web Gateway) blocks downloads of "unknown" files
  • This is extremely common for new software in corporate environments

"BehavesLike.Win64.Dropper" Detections

What you'll see: Warnings about "dropper" behavior

What this means:

  • A "dropper" in security terms means software that creates files on your computer
  • Every desktop application does this - it's completely normal
  • Onyx Workspace creates configuration files, saves your data, etc.

"Suspicious.Low.ML.Score" & Similar

What you'll see: Machine learning-based suspicion warnings

What this means:

  • Modern antivirus uses AI to score files as "suspicious"
  • Low scores just mean "unknown" - not "dangerous"
  • These are the least serious types of detections

Why Isn't Onyx Workspace Code Signed?

Code Signing Costs

Code signing certificates cost $200-400+ per year from trusted authorities like:

  • DigiCert: ~$400/year
  • Sectigo: ~$200/year
  • SSL.com: ~$300/year

Why This Matters for Indie Developers

As an independent developer creating free software:

  • $200-400 is significant for indie projects
  • It's not a one-time cost. It's an annual renewal.
  • It requires business registration and legal documentation
  • I'd need a significant user base to justify the expense

Industry Reality

Thousands of legitimate applications ship unsigned, including:

  • Open source projects
  • Indie games on itch.io
  • Small utility applications
  • Beta/early access software

How to Safely Install Onyx Workspace

Option 1: Add Antivirus Exception (Recommended)

For Avast:

  1. Open Avast antivirus
  2. Go to SettingsGeneralExceptions
  3. Click Add Exception
  4. Browse to your downloaded Onyx Workspace installer
  5. Add it to exceptions
  6. Run the installer normally

For Windows Defender:

  1. Open Windows Security
  2. Go to Virus & threat protection
  3. Click Manage settings under "Virus & threat protection settings"
  4. Scroll down to ExclusionsAdd or remove exclusions
  5. Click Add an exclusionFile
  6. Select the Onyx Workspace installer
  7. Run the installer

Option 2: Temporary Disable (Quick Fix)

  1. Temporarily disable real-time protection
  2. Install Onyx Workspace quickly
  3. Re-enable protection immediately
  4. Add the installed app to exceptions

Remember to re-enable your antivirus!

How to Verify Onyx Workspace is Safe

Check the VirusTotal Report

  1. Go to VirusTotal.com
  2. Upload the Onyx Workspace executable
  3. Look at the results or click here for an already-uploaded report:
    • 2 out of 70+ engines flagging it is very low
    • Major vendors (Microsoft, Norton, Kaspersky) show clean
    • Only heuristic/behavioral detections - no actual malware signatures

What Good Results Look Like:

  • Microsoft Defender: Clean
  • Norton: Clean
  • Kaspersky: Clean
  • Bitdefender: Clean
  • 2-6 minor vendors: False positives (normal)

Red Flags to Watch For (Not Present in Onyx):

  • ❌ 20+ detections
  • ❌ Major vendors flagging as malware
  • ❌ Trojan/virus signatures (not just behavioral)

Still Concerned? Here's What You Can Do

Contact Me Directly

Independent Verification

  • Ask in tech communities like Reddit r/software
  • Wait for community reviews and reputation to build

Monitor Development

  • Follow updates - signed versions may come in the future
  • Check for community feedback from other users

Last Updated: October 2025
Onyx Workspace Version: 1.0.0