All Windows VMs have Windows Defender enabled. On access the threat will be assessed and in case the file is compromised, the user will be warned and the file will be deleted.