Can’t figure out how to stop Malwarebytes notifications

I keep getting notifications of Syncthing-related processes being blocked in Malwarebytes. All events are logged as RTP detections. The event details vary: most are for Trojans, but some are for malware, riskware, and “compromised”. Every action has been “blocked website.” I set up Syncthing a few weeks ago, and up until yesterday all detections were for the same location/IP address. Adding the IP address to the Allowed list in Malwarebytes seemed to fix the issue, but now I’m getting the same set of alerts for a second, different location/IP address.

Assuming this is a false positive, how can I get this to stop? Adding the Syncthing.exe executable didn’t fix the problem when I attempted this a couple of weeks ago.

I’m also not sure why the event details (Trojan, malware, riskware, compromised) vary when “Action” and “Event” are consistent in the logs.

I’d get rid of Malwarebytes to be honest.

As for why your AV is constantly alerting you to potentially risky activity: some of our relays are also running Tor-related stuff on the same IP. That’s perfectly fine, but some vendors use that as an indicator of nefarious activity going on.