Thank you for reporting this - we will report the false positive to Malwarebytes
Relevant pages seem to be:
https://support.malwarebytes.com/customer/portal/articles/1835387-how-do-i-report-a-false-positive-found-using-malwarebytes-anti-malware-for-business-?b_id=6442 (https://support.malwarebytes.com/customer/portal/articles/1835387-how-do-i-report-a-false-positive-found-using-malwarebytes-anti-malware-for-business-?b_id=6442)
https://forums.malwarebytes.com/forum/42-file-detections/ (https://forums.malwarebytes.com/forum/42-file-detections/)
https://www.malwarebytes.com/support/business/#techhelp (https://www.malwarebytes.com/support/business/#techhelp)
Do please also feel free to submit a false positive / bug report to them if possible.
I have submitted the case here:
https://forums.malwarebytes.com/topic/196634-program-or-installer-detected-as-ransomware/
And an additional question here:
https://forums.malwarebytes.com/topic/196850-getting-log-of-runtime-detection/
And another additional question here:
https://forums.malwarebytes.com/topic/196854-if-somehing-is-reported-as-ransomware-is-that-the-same-as-a-pup/
Quote
We found out from a customer that when installing the current version of A1 Sitemap Generator - one of the temporary files generated during installation is flagged and quarantined (sitemap-setup.tmp)
Starting mbam.exe with /developer command line does not help much as the false positive is not reported when doing a right click scan.
(And I have been unable to find any log by mbam after the quarantine during the installation.)
You can download the tool from here
http://www.microsystools.com/products/sitemap-generator/
You can find latest report by virus total report
URL (0 / 64)
https://www.virustotal.com/en/url/05bd8f7aa4017f809a984b73ea8cc83b0b8691088dcfdd6488ca76783c57a02d/analysis/1487695458/
Download (0 / 58)
https://www.virustotal.com/en/file/a683208a09a8ff6415a5530f09437d313c6fe749d0586818f57ae9e9e7110852/analysis/1487695464/
For reference:
The installer + all the executables are signed.
- Executables are created in Delphi 2007 to Delphi XE2
- 3 executables are included installed during installation.
- The "best" depending on OS and 32/64bit is then selected as default sitemap.exe during installation which the desktop shortcuts etc.
- Installer is InnoSetup.
If I can get logging working, I will be happy to report that.
Below the above, I have also posted a copy of the report you posted here including the work-around.
Update:A full week in - and no response related to the false detection whatsoever. Have now posted in another more used subforum for false positives:
https://forums.malwarebytes.com/topic/197002-realtime-scanner-detects-my-software-during-installation-as-ransomware-if-first-installed-no-problem/