Would like to get a clean download to use and learn from.
This is not a Fedora ISO problem.
Are you downloading from https://getfedora.org/en/workstation/download/?
If so, Fedora takes your security seriously … you can confirm the integrity of your downloads by following the link at the bottom of that page to verify your download.
Otherwise, either your PC was already compromised before the download or your AV is being paranoid. In case of the latter, you might disable the policeman (AV) while processing the image or add an exception for the ISO – but that is after verifying the ISO
Hey! Don’t forget to verify the ISO first (Okay, I said that before)
Just verify the hash calculated on your PC with the SHA256 provided in the download page. If they come out to be the same, there is indeed nothing to worry about and the detection is simply false-positive.
@jcbkr: Welcome to our community!
Can you tell us what is your antivirus?
Does it tell you from where it was downloading the iso?
Does it tell you what file inside the iso is problematic?
It seems to me that you would have to disable your antivirus before attempting the download of the iso.
I would probably suggest you don’t download yourself the iso, but let mediawriter executable download it … because I think it will test the iso for you… at least if you are not trying to download a spin or lab version. Note that it will also write it to your USB key. @twohot: I think the link to verify the download would not work for a Windows user.
Note that a previous discussion is about detection of an virus heuristic (suspicious thing) in: https://discussion.fedoraproject.org/t/virus-warning-downloading-the-fedora-32-iso-on-windows/67086
True but Windows Users still have other ways to achieve that.
Here are some: https://www.nextofwindows.com/5-ways-to-generate-and-verify-md5-sha-checksum-of-any-file-in-windows-10