I have a Windows desktop software that needs to write new folder/files into the %USERPROFILE%\Documents\
folder.
There is a Windows option, under "Ransomware protection", that protects "Controlled folders". Usually, this is disabled, but there are customers who have this turned on, which causes my app to crash when starting up (because it cannot write into the folder).
This 'authorization' cannot be bypassed by administrator rights, i.e. if you run the app as admin the app is still blocked by Windows. The app is digitally code signed by a time-stamped certificate from a trusted certificate authority. Still, this "Controlled folders access" blocks my app.
Typically, the users of my software don't have this option enabled, but some of them do. I would prefer to avoid that we have to instruct our customers to "add our software to the exception of Ransomware protection"... It seems unprofessional and sketchy. But at the moment, that's the only way I can make it work.
Is there anything I can do, on my side, when I deploy my app, that can be accepted by Windows to write into the Documents folder?
EDIT: For example, if I could add an exception via command line, that I could try to put such command to be run by the installer (which requires admin rights). But I'm not sure if this is possible.