Is this a serious glitch in protection?

:-\ I recently installed nircmd to use as a shortcut to blank my monitor screen.

After updating to BOC 4.25, my clicking on the nircmd shortcut blanked the screeen as usual, but 3 seconds later I heard a beep from my PC and found that BOC had flagged nircmd as malware…

I have no problem with nircmd being flagged, as it can be used maliciously.

The problem seems more fundamental: why did BOC allow the screen to be blanked (indicating that nircmd had executed properly) ?

So… malware installs and delivers its payload quickly - THEN - BOC stops it???

To Quote Sophos:

“NirCmd can be used to manipulate a variety of settings on a computer, as well as modifying the registry, adding shortcuts, and opening the default internet connection.”

Perhaps some activity after the screen was blanked is what alerted BOClean?