My guess is that it's a false positive or detecting a burst in write-operations as ransomware. However, you should always use your own judgement on these things.
I'm uploading each build to VirusTotal before I release, so there should have been an existing analysis result when you've uploaded.
Aha - I just checked the notifications, and it turns out it's only triggering/quarantining the *.LNK file on my desktop... (??) So weird, anyhow, I'll just add an exclusion for it - Sorry, my bad, I just saw the virustotal stuff and thought it was weird - I don't use virustotal that often so that didn't help either - Hitman didn't find anything so that's good, even with the virustotal API there so that's fine too...