Defender didn't find infected files in wp-content

We had infected files in wp-content directory (index.php, uploads.php, functions.php) with malicious code, but Defender didn't show up this files during the scan.

This was replicated by staff member during chat session