IIRC Windows Defender flags my Go binaries as this trojan all the time, especially if I build with -H windowsgui to hide the console window. That signature is trash.

A fair amount of actual malware is written in Go. One important reasons is probably because being statically compiled by default simplifies the whole deployment story, which matters even more for malware than many other things.

Go binaries share a lot of the same code: the Go runtime, stdlib. And the heuristics malware scanners use seem to have trouble with that.

Or at least: that's always been my assumption why so many legit Go binaries get flagged, but I don't really work in this space so what do I know...

Defender detected the same "Trojan" when I downloaded redbean recently.

Most likely a false positive.

windows always flags my software as wacatac too, even if it's harmless