I've recently noticed that setup packages that are built using Installshield Express 2022R2 are being flagged as containing HEUR:Trojan-Dropper.Win32.Dapato.gen by Kaspersky Endpoint Security 126.96.36.1992.
I have tested the file with other AV software and no viruses were detected. I think this is a false positive being flagged within the newer installation package.
Creating the same installer from InstallShield Express 2021 R1 does not have this issue.
As a work around I have had to revert to using 2021 R1.