Hey shmu26, yeah, it is normal if VS is ON / Aggressive because Microsoft is excluded from the “Automatically allow items that match a digital signature in the whitelist snapshot” option. If we ever can confirm that Microsoft sigs are pretty much never forged, then we can include them in this option. But since they usually follow the rules and do not put executables in common malware hiding spots, this is pretty uncommon, and so far I have only seen this with One Drive… which, if you ask me, is not a bad idea to prompt the user for anyway ;).
