Kinda old news - Defender file scan, brand new site, just new plugins, no visitors or uploaded files ... and this is in a new WPMU DEV hosted site. The scan went to 98.x% and then froze.
It might be more memory than allocated in PHP.INI (RC). Might be too many plugins. Might be just my lucky day. Whatever it is, this is a very common issue. I strongly recommend that whatever it's doing that there should be logging in the plugin on exactly what its doing. There should be occasional memory checks to see if maybe this process is a little too intense for currently available resources. There should be a link to the access log and error log (not a big stretch for a security plugin, right?). With those tools we might not need for you guys to "fix" this plugin, because the issue might be on our side every time.
But if it's not on our side, um, please fix it.
Oh yeah, and when it does finish it still reports robots.txt as being a "potentially harmful" "Unknown file in WordPress core". Really? C'mon. Oh, go to fix the problem and it says "As far as we can tell, the file is harmless (and maybe even from an older WordPress install) so it's safe to ignore it. " So I guess it was neither potentially harmful nor unknown.
(A little miffed but still lovin it)