These are false positives (the Wacatac one esp. comes up a lot) and there is nothing I can do about them.
I have started posting hashcodes for all zip downloads though - bottom of the post. If you run certutil on the downloaded zip, eg:
cvertutil -hashfile blah.zip SHA256
...and it comes up with the same SHA256 number, then the file you have received is at least the file I sent, meaning at least it hasn't been interferred with en-route.
Past that, it's purely up to you whether you trust that I sent a 'clean' file in the first place or not.
You can also send the file to 'Virus Total' online but that does sometimes come back with a few false positives too - esp. through the 'AI' virus checkers.
Bye,
Mark