False threat detection, ransomware, on dotnet.exe

Question

I have a large .net7 browser-wasm project that is published with AOT (Ahead-of-time) complication and Sophos keeps flagging "C:Program Files\dotnet\dotnet.exe" as a ransomware threat. The AOT process is linking and packaging a large number of files. Is there anyway to stop Sophos from thinking this is ransomware? Once it thinks it's a threat the file is locked and I am "dead in the water" until our IT staff sets the issue to resolved, but it keeps happening.

This thread was automatically locked due to age.

Qoosh · Answer

Hi James , 
 Thanks for reaching out to the Sophos Community Forum. 
 It is possible to exclude the application in question from being detected. You can do this by following the steps in the following article. - Stop detecting an exploit 
 I suggest reaching out to your IT team to inquire if they can add this type of exclusion.