Ich habe gelernt, dass es keine gute Idee war eine rar-Datei in eine mp4 oder docx-Datei zum Zwecke der Camouflage um zu benennen. Für mich selbst habe ich die Lösung gefunden, den Ordner und meine exe von Defender raus zu nehmen. Aber für ein professionelles Programm wäre das sicher keine Lösung. Schließlich hat Microsoft diese Option ganz schön versteckt.
Have you tried to simply to name these RAR files to ".dat" or ".bin" ?
The right way is not only rename them but also encrypt, this should solve your problem,
BUT, and it is huge but here, and need some information to keep in mind:
Renaming (and/or) deleting a file using the
OS APIs is closely watched operation by all
AV scanners and specially Windows Defender, this is called a trigger,
so, i suggest to try the following:
1) create a file, new and different file either in the same directory or in different path.
2) choose the name you want, try ".mp3", ".bin", ".dat" ... just test multiple variations.
3) write the data to the new file, may be just copy the content form the old file to the new one.
4) delete the original, and see if this step still triggers the Defender, as it might, being NTFS closely monitored for ownership and permissions.
Please, test the above and report here, so we can see if an encryption is needed, also we need to know exactly what step is the trigger, it could be writing/renaming on that directory and has nothing to do with the files them selves, which is pretty much easy one, but again if you are changing the content of a file you are not suppose to from Defender point of view, or that file is watched for its content then it will trigger th Defender, but this solvable by creating the copy (may be with encryption) the content to different file (woth/without different path) same as above.
And good luck !