Installer for windows being blocked by Defender, "Trojan:Win32/Zpevdo.B"

I tried installing the software on windows from the official github page but found this trojan warning, install was blocked automatically. On searching up this trojan, I found it was associated with granting unauthorized access across Windows Firewall. Please clarify whether this is an intended feature of the Activity watcher or the github installer link has somehow been compromised.

EDIT: This is a new flag, previous questions regarding similar security warning have had a different warning.

Also, from what I can gather from previous replies, it is related to the keylogger function in the software. I hope there is an option to disable keylogging in ActivityWatch

Yes this is intended behavior, we use the port 5600 for the web-ui and for our watchers to connect to the server. The port is only exposed to the localhost so it is secure, but windows defender can’t know that until you run the program so it’s only option is to mark it unsafe.

Also see this issue for details on past false-positives by antivirus systems:

Also, from what I can gather from previous replies, it is related to the keylogger function in the software. I hope there is an option to disable keylogging in ActivityWatch

We no longer use a keylogging-like approach on Windows to detect activity anymore, instead we use Windows APIs to detect if there’s been any user input or not (no keys directly listened to), so this shouldn’t be an issue.