My issue with these tests is that they involve a person manually running a malware exe on their computer with admin rights, which is just stupid. Yes, stupid people exist on the internet, but the tests need to be realistic.
The security business on PCs is a huge market; it's absolutely massive. I think most of it is based on hype and fear. We are led to believe things like drive-by infections are really common, and that bad common sense is only a small factor. E.g. people sell anti-ransomware software that costs in excess of £40 a year for just one single device. So think about it: over 5 years you spend £200 on something that has a very small "chance" it will save you, say, £200 on a ransom. It's an expensive form of internet insurance. If you were protecting, say, 3 family devices, that would be £600 over 5 years.
I think it's very telling that in the past on security forums I often used to see a person post saying he got infected, how to remove it, etc., and me and others were obviously curious and would ask how he/she got infected in the first place. 9 times out of 10 they would vanish, probably too embarrassed to say they downloaded a dodgy exe off the internet and just ran it. The other 1 time out of 10 usually confirmed that. I think the most realistic danger is from email attachments, and a lot of modern antivirus no longer even scans emails from programs like Outlook, as they consider webmail to be the thing now, e.g. Emsisoft doesn't do it. This was what motivated me to do my "free" protection write-up for kitz, which I hold my hands up is still not published, sorry.
We really need to have people using restricted accounts as a default thing. In Linux you don't log in as root and do your daily browsing on that account. Linux also doesn't have executables routinely run from its temp folder. Windows is a complete mess right now in terms of file isolation; so many updaters and installers run from the temp folder, which is horrible security practice. It's a sane security policy to block all executables in writable folders, but it is made difficult by what these app developers are doing. This includes the user profile folder, which is meant for user data, not program binaries. I have even started seeing binaries being placed in the ProgramData folder.
Also, there are probably at least some links between people involved in security software and malware authors themselves. What better way to sell your software than to make some kind of malware to build up demand for it?
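
The audit that a "block executables in writable folders" policy needs before it can be enforced, as an added example that is not part of the original post: it classifies process image paths against the three locations the post names (temp, user profile, ProgramData) so the updaters and installers that would break are visible first. The rule set, function names and sample paths are assumptions constructed for illustration.

```python
import ntpath
from collections import Counter

def classify(image_path):
    """Name the writable-folder rule a Windows path would hit, else None."""
    # normpath collapses '..' and '/' so a path is judged on where it really
    # points; lower() because Windows path matching is case-insensitive.
    tail = ntpath.splitdrive(ntpath.normpath(image_path).lower())[1]
    if "\\appdata\\local\\temp\\" in tail or tail.startswith("\\windows\\temp\\"):
        return "temp"
    if tail.startswith("\\users\\"):
        return "user-profile"
    if tail.startswith("\\programdata\\"):
        return "programdata"
    return None

def audit(image_paths):
    """Return (Counter of rule hits, {rule: sorted paths}) for review."""
    hits, detail = Counter(), {}
    for path in image_paths:
        rule = classify(path) or "allowed"
        hits[rule] += 1
        if rule != "allowed":
            detail.setdefault(rule, []).append(path)
    return hits, {rule: sorted(paths) for rule, paths in detail.items()}

# Constructed sample of process image paths (not real telemetry).
SAMPLE = [
    r"C:\Program Files\ExampleVendor\app.exe",
    r"C:\Users\alice\AppData\Local\Temp\is-ABC12.tmp\setup.exe",
    r"C:\Users\alice\AppData\Local\ExampleApp\update.exe",
    r"C:\ProgramData\ExampleVendor\helper.exe",
    r"C:\Program Files\..\Users\alice\Downloads\invoice.exe",
    "c:/windows/TEMP/patch.exe",
    r"C:\Windows\System32\notepad.exe",
]

if __name__ == "__main__":
    counts, detail = audit(SAMPLE)
    for rule, paths in detail.items():
        print(rule, counts[rule])
        for p in paths:
            print("   ", p)
```

Running this over real process-creation logs in audit mode shows which legitimate software would need an exception before the block rule is switched on.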