I've just about got my new first built PC (which I'm using right now to reply with), almost ready to switch over from the old one for full time use. As always I've been scanning everything I download with not only Malwarebytes & Windows Defender but also checking the download links with VirusTotal, Norton Safeweb & Google Transparency Report. In addition if possible, I also scan the downloaded installer with VirusTotal's file scanner. Upon trying to get Classic Shell from either the official mediafire or fosshub links, uploading the installer to VirusTotal gives some unnerving results. All but one of them claim it's safe by the name of "nProtect" which states it's a "Trojan/W32.DiskWriter 7220496". I immediately deleted the file before installing although I did perform the double-checks listed here prior. The digital signature matches up but I didn't get any further because I wanted to ask y'all first.
Since I can't upload a screenshot of the result to here I'll just type out what it looks like to the best of my ability.
File Name: ClassicShellSetup_4_3_0.exe
Detection Ratio: 1 / 61