I've been trying to teach myself about windows hacking. Last month I was screwing around with malicious Excel files and today I was messing with various software for backshells. Windows Defender is kind of constant presence when doing stuff like this, it didn't like my metasploit .msi stager (I could use a better way of making those) and today it didn't like some powershell backshell i was playing with. So I decided to replace "PowerShellTCP" with "CowerShellTCP" everywhere in the file and suddenly the AV was happy. It's still not working, but not because of windows defender (I think, I know diddly about windows anything).