I have an on-prem application (packaged as windows installer and written in .Net) in which I need to provide silent updation i.e., updation to this application should happen in background. I wrote some code in to do that basically first download the updated file from a URL in background and then installing it in background as well (via spawning a silent msiexec process). This seemed to work and the application was getting updated to newer version as well but after updating the application once if I want to update the application again, ASR rules in windows is blocking the file to update (even when I try to update it manually).I am using windows installer to update the application. Attached are the images that is shown by windows installer and the notification shown by windows security. Can someone help how to resolve this ?
I'm guessing you have some custom actions in the MSI. The first step is to sign all files that trigger anti-virus. Signing with the same certificate as the application and the MSI is a very strong signal that the code belongs together.