Update: 4/3/2020 - This test tool is no longer available. More info to come.
Dummy (Unsigned) ⇒ Ransomware ⇒ EFS
Note: it is important to choose the unsigned version of "Dummy", as the signed version is allowed to encrypt files.
Dummy ⇒ Code exploits ⇒ Dynamic Shellcode (HeapHeapProtection)
Dummy ⇒ Process protection ⇒ CTF Service exploit
Dummy ⇒ Code exploits ⇒ LoadLib APISet
Sophos detect this tool as ML\PE-A (SophosTester_Unsigned.exe)
It seems to be false positive. Are you running the tool in your test environment? Have you tried running on any other test machine? Please check this article for details about ML\PE-A detections.
No not testenvironment, live production. I try to extract the zip. During extraction Sophos popup with this message. You should add this tool in a global exception.