Oh interesting. Yes I suppose it could be a legitimate installation script as well. But this is why I am also, as
@Nightwalker alluded to, opposed to tightening HIPS settings by hand with ESET. This is basically inventing your own first-generation behavior blocker, except all the mature behavior blocker products have literally years of experience whitelisting specific exceptions. ESET HIPS is a powerful tool for enterprises or hardening servers that have very static workflows, but I don't think most of us want to sign up to invent our own antivirus add-on!