I am plagued by false-positive malware reports involving pyinstaller, which is a known problem (compare pyinstaller#7967). Now I finally meet these problems on CI, and I am able to reproduce it using a very simple GitLab CI job (YML and Pipeline), yet not locally (docker run -it mcr.microsoft.com/windows:1809 powershell). So there may be something GitLab-specific going on.
How do I disable antivirus "protection" on GitLab's Windows runners?
I thought I had tried that earlier, but
Set-MpPreference -DisableRealtimeMonitoring $trueworks great (YML and Pipeline).