Does anyone know if this is a false positive?
Where did you download the installer?
If you downloaded your Notepad++ installer from an official source (official website: https://notepad-plus-plus.org/downloads/v8.4.6/ or anywhere else on notepad-plus-plus.org; official github repo https://github.com/notepad-plus-plus/notepad-plus-plus/releases/tag/v8.4.6 ) then it was a false positive.
If it was from anywhere else, it might be suspect.
We occasionally hear of false-positives on the installers – but normally it comes in a batch just after a version is relesaed; v8.4.6 has been out for a month now. But maybe virus total updated their internal checks and introduced a new false-positive.
This is still the case when using Virustotal to scan version 8.5.3
The algorithms used at VirusTotal are unfairly biased toward automatically flagging any installer built with NSIS (because some viruses masquerade as NSIS installers). Notepad++ is not going to stop using the NSIS installer, so that means that VirusTotal will likely continue to false-flag it.
Per these results, there isn’t currently a false-flag on the official v8.5.3 64bit installer: https://www.virustotal.com/gui/url/5ed5d73a10561c63301ed2f56dd62402b0748880c93a03b147ed09de0864a783
So if you download it from the URL that the report scanned (https://github.com/notepad-plus-plus/notepad-plus-plus/releases/download/v8.5.3/npp.8.5.3.Installer.x64.exe – which is the official download URL for v8.5.3), then it’s safe.