If you understand what a generic signature is, you'll understand the link to the term "heuristic".
If you understand what a generic signature is, you'll understand such signatures can't blindly be trusted.
There are countless examples of a keygen which has malicious code embedded within it. Therefore, it makes perfect sense for an AV to go on a mass-blockage for such content.
No, it does not. An AV doesn't even know it's a keygen. All it knows is that it's packed in a way that makes the analysis impossible unless you actually run it.
If the sample is already flagged then they may not bother adding an explicit generic signature for the family. They will have other work to do such as flagging families which aren't being detected with existing generic signatures.
Why, oh why would they bother to make their (paying) customers aware when they encounter an extremely dangerous ransomware currently in the wild
, when they could show them a signature that SOME such customers might choose to ignore SPECIFICALLY BECAUSE they have encountered it in so many FP cases. Makes sense, yeah. They're busy with more important things. (Some other vendors, such as Kaspersky, have nothing else to do than to waste their time and label keygens or patches with "not-a-virus:", and Avast can't be bothered to properly label ransomware?!).
At the end of the day, you need to stop acting like a bitch and know your place because you don't know what you're talking about. Stop spreading bullshit.
This applies to you too. I have probably encountered the first virus before you were even born. Stop spreading arrogance. You have no right to assume you have a better understanding of malware than I do.