Powershell is not a signed process. So if you change the name of the file, it will be blocked by NVT ERP, because it will be seen as an unknown file, assuming the hash is different. If the hash is the same, it will produce a vulnerable process prompt, as mentioned earlier in this thread.
Comodo will see it as an unknown file, if either the name or path is changed.
