Citadel
Documentation menu

"Windows protected your PC" — What's this warning?

When you first run CitadelSetup.exe, Windows may show a blue dialog:

Windows protected your PC Microsoft Defender SmartScreen prevented an unrecognized app from starting. Running this app might put your PC at risk.

[Don't run]

This is normal for Citadel right now. It does not mean the installer is dangerous — it means Windows doesn't yet recognize our publisher. Here's how to run it.

The one-click fix

  1. Click More info (small link under the title)
  2. Click Run anyway (button that appears below the publisher info)
  3. The installer proceeds as normal

That's it — SmartScreen won't ask again on this machine for this version.

SmartScreen dialog showing More info link

Why does this happen?

Windows SmartScreen flags any executable that:

  • Isn't digitally signed by a certificate authority trusted by Microsoft, or
  • Is signed but hasn't built up enough download "reputation" yet

Citadel ships as an unsigned installer today. A proper code-signing certificate costs $300+/year and requires identity verification — we chose not to pass that cost on to subscribers at $9.99/mo.

Is it safe?

Yes. You can verify that yourself:

  1. SHA256 checksum. Every release published on GitHub Releases includes the installer's SHA256 hash. You can compute the hash of your downloaded file and confirm it matches:

    Get-FileHash -Algorithm SHA256 $env:USERPROFILE\Downloads\CitadelSetup-*.exe

  2. Transparent build pipeline. The installer is produced by installer/build.js on GitHub Actions (publicly viewable). The bundled Node.js runtime is verified against Node.js's own published SHA256 checksums during the build.

  3. Scan with any AV. Upload CitadelSetup.exe to VirusTotal. A fresh unsigned installer may show 1-2 heuristic flags from less-common engines; major engines (Microsoft, Kaspersky, Bitdefender, Sophos, etc.) will come back clean.

Edge case — "This publisher has been blocked"

If you see a different red dialog saying the publisher is blocked by your organization's policy, you're probably on a work machine with SmartScreen set to "Block". Either:

  • Run the installer on a personal machine, or
  • Ask your IT team to add CitadelSetup.exe to the allowed list

We can't bypass org-level policies from our end.

Still uncomfortable?

That's fair. If you'd rather wait for a signed build before subscribing, follow @Sk3tch_Dev on Discord — we'll announce when signed releases ship. If you've already subscribed and changed your mind, refunds within 14 days are handled through Paddle via your account page.

Edit this page on GitHub