KB4724 hot fix for CVE-2025-23120 false positive?

[mkaec]

I got an email from Veeam that a hotfix is available for this CVE. I follow the link to https://www.veeam.com/kb4724 and download the hotfix. But before I can do anything with it, Windows Defender throws it in the quarantine. It states that it contains Trojan:Script/Sabsik.TE.A!ml and "... is dangerous and executes commands from an attacker." In the old days I would declare false positive and set up exclusions. But these days it could be a supply chain attack and the best thing would be for Veeam to clear up things with Microsoft.

[Gostev]

I don't remember a single release lately that did not trigger a false positive at least in 1 AV engine on VirusTotal. There are just too many patterns they are looking for these days, and it is impossible to avoid triggering at least some.