It says the “Threat name” is “Win32:Adware-gen [Adw]” and describes the “Threat type” as “Adware - This threat can display or download annoying advertising banners and pop-ups, or possibly hijack your search engine.” Should I just click the “Report as false positive” link?
I downloaded wingit-136.zip from Index of /if-archive/programming/glulx/interpreters/git
Incidentally the link at the bottom of Windows Glulxe and Windows Git is dead as it’s to the Git 1.3.5.
It’s a false positive: I had another similar report a few days ago about Windows Defender. I found I could reproduce the problem by rebuilding git from source with the Visual C++ I had installed, but no other executable I built showed any problems.
I updated my Visual C++ install to the latest version and rebuilt, which seemed to shut Windows Defender up, and updated the version of git on the IF-Archive. Possibly Cloudflare has not noted that change yet, or possibly AVG is using a slightly different pattern recognition.
Try the latest release at Releases · DavidKinder/Git · GitHub as that is definitely the rebuilt version.
AVG shows the same warning for the file from your Github account, but based on your reassurances I went ahead this time and it works well. Thank you.
4 years after we on with the same problem with windows git.
Avoiding this situation requires someone go through the bureaucratic overhead (and pay hundreds of dollars a year for the relevant certificate) to be able to sign the code.
As I observed before, code signing does not stop false-positive reports from virus scanners. There are good reasons for going to the trouble, but this doesn’t appear to be one of them.
Is Windows Glulxe ever affected? Why only ever just Windows Git? I wonder if it’s the Git exec loop optimisations that are triggering these false reports. It’s the only substantial difference between Git and Glulxe.
what happens if you rename it 
Here’s one report of an antivirus balking at glulxe, so it doesn’t seem unique to Git.
Code signing is a joke, along with antivirus.