Hi Kevin and welcome!
This software is legit, it is hand written by me. It is cross-compiled on Linux.
What I think is not legit is accusing software developers in distributing malware, without any reason nor consequences for such accusations. It is for years known that some "companies" declare almost everything complied by (open source!) GCC and/or distributed with NSIS installer (open source!) as viruses/malware.
One time Bitdefender has declared my site as malware distributing... many people could not open it then. I have written Bitdefender and they have removed my site from the black list. Silently. No explanation, no excuse... Note that per rules any website has available in open information of responsible person, with (real!) name, address, etc. It is easy to inform this person automatically when something bad is detected, but they do not do this.
To give you an idea how "helpful" these antivirus sites are. This week we had crypto-trojana at work. Usual thing, all files encrypted with the text file in the near how to get everything back...
I have uploaded this trojana to VirusTotal... CLEAN!
Sure we have alarmed the antivirus company we use and several hours later the file could be detected as crypto-beast also online. But that obviously was too late. Digging a bit more, I have found that there was already a publication in the Internet about this concrete version, 3 days ago.
I do not want spend my time writing all these "engines" to whitelist my programs after every release. I am not commercial company, so I do not care.
It is up to you to trust some concrete person, with which you can communicate directly, or some questionable "company". You can try to write them (I mean f.e. Endgame) and ask what they think about the problem. It will be interesting to know how fast and how informative they are ready to communicate with people they try to "defend"
Cheers,
Alexey.