WinRAR security flaw ignores Windows Mark of the Web security warnings

I once got a really nasty cryptominer that shut down all attempt to remove it via a fully patched WinRar opening an archive with what seemed to mostly JPEGs (maybe some PDFs as well). Perhaps this vulnerablility the root enabler of the cryptominer.