I don't think I said anything that disagrees with this? In this case the output of the KDF is used as a key to decrypt a further key, with is in turn used to decrypt your file. So an attacker can't just do a simple check to see that he guessed the right password, he actually needs to decrypt the file and see if garbage comes out or an actual decrypted file.