There are more Process Hacker 2 users on other forums (Malwarebytes) who've run into this new problem. It does not just affect Defender but also MSE (Microsoft Security Essentials) which almost certainly uses the same MS definitions.
No other security software is reporting any problems so why PH2 is suddenly being flagged as a hack tool threat MS need to explain.
That thread linked to by expert_vision
is pretty much useless, as are so many MS help pages, but the fact the article is there and published only last week, just before the most recent Defender/MSE definitions updates causing these reports is suspicious. Just look at the primary source of concern cited in the article:-
Hacktools can be used to patch or "crack" some software so it will run without a valid license or genuine product key.
Its not that hack tools can be used to gain remote access to your PC, stuff up your system and steal your money no, it is MS suddenly being concerned that hack tools can be used for that including Windows OS and other MS products. Can PH2 even be used for that? Has it ever been used in this way? MS probably also do like the fact PH2 can be used as replacement for Task Manager and is more useful. It is good at highlighting and locating MS snooping software which they've a habit of sneaking onto our computers as "important" updates.
The fact is MSE and I assume Defender have been happy with PH2 for years so this is new behaviour and undoubtedly the result of the MS definitions update - whether deliberate or accidental awaits to be seen.
What is ironic is that if you're using the 64bit version of PH2 the quarantined files do not include the x86 folder which contain the 32bit Process Hacker.exe. Pretty dumb if this is an intentional change for genuine security reasons.