The downloaded setup binaries’ digital signatures are (quote) “not valid”.
The certs themselves and certification paths appear to be fine.
It just looks like the signatures do not match the actual downloaded content of the SMServer_*_Setup.exe files.
Are they infected?
Or is it because Syncplify.me isn’t being diligent with signing?
SMServer_x32_Setup.exe: v4.0.16.416, 104’632’408 bytes, signed today by “Syncplify, Inc.” (thumbprint 38 24 2c e4 c9 c9 74 91 96 ed d0 74 a9 62 56 6d d5 a3 e6 72), SHA-1 of the whole file 0060A481B7274E6558D559CC27895AC870EEDF5C.
The other *_Setup.exe files’ signatures don’t verify either, but I think one example is enough.
So, is it a legit Syncplify.me Server installer, or not?