Doesn't windows check the signature or something to decide if an application should be allowed to bypass antivirus? Seems like doing it based on the filename would be a pretty huge security hole.