Executable generated with gitlab-ci, blocked by Windows Defender (Program:Win32/Wacapew.C!ml)

I have developed a small Python program by my own, which I would like to build with gitlab-ci.

I first tried it locally on my computer (Win10), and built an executable with pyinstaller. All went well and my app worked as I expected.

Then with gitlab-ci, I managed to generate an executable in my artifacts, but here is the problem. I tried to download it to test it, but Windows Defender blocked my app with this message:

Program:Win32/Wacapew.C!ml

Here is my .gitlab-ci.yml (a bit simplified):

image: python:3.9

stages:
  - build

build:
  stage: build
  tags:
    - windows
  script:
    - choco install python --version 3.9.0 --params "'/InstallDir:C:\Python39'" --yes
    - C:\Python39\python -m pip install --upgrade pip
    - C:\Python39\Scripts\pip install pyinstaller
    - C:\Python39\Scripts\pip install -r requirements.txt
    - C:\Python39\Scripts\pyinstaller -F -y
      --distpath $CI_PROJECT_DIR
      --noconsole
      --clean
      app.py
  artifacts:
    paths:
      - ./app.exe

I am using a windows shared runner, as I want to generate a windows executable. Could it have come from there?

Running with gitlab-runner 16.5.0 (...)
 on windows-shared-runners-manager ..., system ID: ...

Is it really a malware, or a false positive? How can I prevent this problem not only for myself, but for all users?

• Microsoft - How can I know if Wacatac.B!ml is a false positive or it's a real positive? (similar ?)
• Reddit - Help, windows defender found Program:Win32/Wacapew.C!ml

Any ideas and comments are welcome. Enzo