Hello Trent,
Thank you for the report.
However, the update has always worked that way, so it's strange that ESET suddenly decided to block that connection for this reason. Perhaps either their settings or policy have changed.
In this case, I would recommend contacting ESET to report the issue. You can reach their lab via email at samples@eset.sk, or, even better, post a message on their community forum:
https://forum.eset.com/. If you are their customer, they are obligated to respond promptly and explain their actions.
Please, note that ESET might offer various explanations for not addressing the issue. These often sound like, "This program has been used in malicious activity" (in which case, ask them how a signed vanilla executable/installer is to blame for such activity). After all, there isn't a single remote access tool on the market that hasn't been used maliciously or for
fraud activities.
Or they might say, "It was compromised" (compromised how? If the certificate was compromised, it should have been revoked, but it's still active). Lastly, they could claim, "It is used in cyberattacks as part of malware"—but isn’t it
their responsibility to combat wrappers, droppers, and all sorts of 'ers,' while leaving legitimate (i.e., digitally signed) software intact?
Another favorite excuse of virtually any antivirus company is: "It violates the
CSA guidelines." A simple question like, "Which specific CSA guideline does it violate?" usually results in frustration and an answer along the lines of, "We say it's a threat because we say so."
