I tried running the passwordstate.exe file on my web server, but got an ambiguous error message. I tried a few times, including from a local (not-networked) folder and after a reboot.
Then, I checked my Windows Defender logs. The executable was blocked by ASR because it did not meet prevalence, age or trusted list criteria. I guess Microsoft has not seen enough of this file yet to know it's legitimate.
The fix is to run Add-MpPreference -AttackSurfaceReductionOnlyExclusions <filename> from an elevated PS prompt on your PasswordState server.
