Its detection of malware is unreliable, as sometimes it has trouble connecting to the cloud, where most of its detections are done. This is evidenced when running scans. Some threats will be missed on the first scan, but will be detected on a second scan, or subsequent scans after that. Its signatures are not that good. But on the plus side, it uploads unknown files to the cloud and eventually adds signatures for missed threats.
I would be interested in seeing a test of it, to see how well its behaviour blocking modules work.