a ransomware in a text file .....

maybe check the hash of what you get.

WinPython 2022-04 release (January 22nd, 2023)

in any case if you have a doubt, don't stress yourself and use another distro. You are free

i don't know what is this "scoop" thing

WinPython "original" are downloadables from SourceForce and Github, and you get hash files on github and https://groups.google.com/g/winpython to check what you get is what has been uploaded, 1 year and 5 month ago

chocolatey or scoop being unknown middlemen, anything is possible.

In any case, things should be done to give you more control means:

• A version of WinPython kept below 650 Mo that you can upload to VirusTotal, and that would be greened
• the non-sense balooning of standard version (Anaconda currently the same over 900 Mo) must be reversed.

... so upcoming 2024-04 release will :

• bucher a lot of packages
• have a .7z archive option (as Windows11 can un-pack it)

Further analysis:

• slim version: 620 Mo .exe (auto-unpack 7x): 41/42 vendors are ok
• dot version: 26 Mo .7z: 51/52 vendors are ok
• dot version: 44Mo .zip (the same as above... zip is compressing way less): 54/55 vendors are ok

Conjecture:

• like on official wheel packages experience, it's hard to have not 1 antivirus complaining
• everyone shall read the title of Andy Grove book: "Only the Paranoid Survive"

Holly shit, I'm green !

so, for b2:

• dot versions will be generated as .7z and .exe
• slim version will be generated < 650 Mo and .7z and .exe
• keeping the big one .7z only

it seems clear the small "IA" guessing anti-virus won't want to bet on auto-extract

all releases are now pre-submitted to anti-virus community, with the goal of making at most 1/30 anti-virus un-happy