casey
Microsoft Defender detects just.exe v1.43.0 as Trojan:Win32/Filery.I!cl
I'm reporting a likely false positive malware detection from Microsoft Defender for the just.exe binary installed via WinGet. This is preventing me from using just on my work computer.
Environment
- OS: Windows 11
- Antivirus: Microsoft Defender (with up-to-date definitions as of Sept 29/30, 2025)
justVersion: 1.43.0- Installation Method: WinGet (
winget install Casey.Just)
Steps to Reproduce
- On a Windows machine with Microsoft Defender enabled, ensure virus definitions are current.
- Open a terminal and run
winget install Casey.Just. - During or shortly after the installation, Microsoft Defender flags the executable.
Expected Behavior
The just.exe binary should install and run without being flagged as a security threat.
Actual Behavior
Microsoft Defender detects the executable as malicious and quarantines or removes it, preventing the program from being used.
Detection Details
- Threat Detected:
Trojan:Win32/Filery.I!cl - Affected Item:
file: C:\Users\<USER>\AppData\Local\Temp\WinGet\Casey.Just.1.43.0\extracted\just.exe - Date Detected: September 29, 2025
Additional Context
The !cl suffix in the detection name indicates this is a generic, cloud-based heuristic detection, which strongly suggests it is a false positive.
As a developer, I understand these things happen. The maintainers may need to submit the just.exe binary to Microsoft as a false positive for analysis.
Unfortunately, I had to remove just from my machine due to my company's security policy.
Thanks for maintaining this great tool! Let me know if you need any more information.
Thanks for the report! Well that is annoying 😅 I submitted the 1.43.0 just.exe binary to Microsoft, hopefully they add an exception.
