However, when I try to execute Step 3 that says to issue this command:
.\bitwarden.ps1 -install
Bitdefender blocks it, with the message:
PowerShell tried to load a malicious resource detected as Heur.BZC.ZFV.Boxter.341.3970F0B0 and was blocked. Your device is safe
and the command errors out in powershell with the message:
At C:\Bitwarden\bitwarden.ps1:1 char:1
param (
This script contains malicious content and has been blocked by your antivirus software.
+ CategoryInfo : ParserError: (: ) [], ParseException
+ FullyQualifiedErrorId : ScriptContainedMaliciousContent
Is anyone else having this issue? I assume it is a false positive, but am not sure how to confirm that?
I can pretty much guarantee you that it is a false positive.
Bitwarden is open-source meaning you can see the source code of what make Bitwarden tick, and can view the PowerShell self-hosted install script here.
If you can’t make sense of all the source (genuinely most of us cannot otherwise you are probably a coder) then the other thing you can do is put some trust into 3rd party auditors such as Insight Risk Consulting and Cure53 which Bitwarden has used in the past.
You can trust, but verify as well (which is extremely important IMO) as Bitwarden is very transparent and all their security reports are provided here.
In reading this Bitdefender community post your best option may be to report the error and false positive to Bitdefender to resolve though.
Regardless I hope this post helps to alleviate any worries.
