VCRuntime 32 bits detected as malware

[SecSamDev]

Simply compiling an empty project with the VCRuntime trigers all antiviruses:
https://www.virustotal.com/gui/file/889e49b5f1e283ad37ddb4bc032071a23d5401fb1933ea4da16c60e61ddc0c3e/behavior

build.rs

fn main() -> std::io::Result<()> {
    static_vcruntime::metabuild();
    Ok(())
}

main.rs

fn main(){
    println!("{} ", "Hello World");
}

[package]
name = "installer"
version = "2.0.3"
edition = "2021"

[target.'cfg(windows)'.build-dependencies]
static_vcruntime = "2.0"

Compiled with cargo build --release --target=i686-pc-windows-msvc

$ cargo -V
cargo 1.69.0 (6e9a83356 2023-04-12)
$ rustc -V
rustc 1.69.0 (84c898d65 2023-04-16)

I don't really know what to do

[SecSamDev]

Removing the usage of static_vcruntime seems to work changing the config.toml.

[target.'cfg(all(windows, target_env = "msvc"))']
rustflags = ["-C", "target-feature=+crt-static"]

Now only 4 detects the executable using the ML/AI engines:
https://www.virustotal.com/gui/file/495a6353aa613dacd71b7c40e5496a3d4b56b51bd3f0c430eea837f4cdb747a1/detection

Bkav Pro W32.AIDetectMalware
Cynet Malicious (score: 100)
DeepInstinct MALICIOUS
Rising Trojan.Generic@AI.100 (RDML:jji7F2LZqOPIhjZPir

[SecSamDev]

After the investigation there are always laughs: