LabWindows/CVI

Sounds like an antivirus to me...

Agreed - sounds like "Windows SmartScreen" interfering. More details here:
https://www.minitool.com/backup-tips/windows-protected-your-pc.html

I'm not as familiar with that one, but we've found that other AV software uses whether the top-level setup.exe \ install.exe is digitally signed as a clue to whether something is malicious or not. As such, besides disabling SmartScreen, digitally signing the setup.exe \ install.exe would be my first suggestion. 

I don't recall if the CVI installer builder has installer signing (it would be in the Advanced section if so), but you can also manually sign the install.exe after the deployment is built. Regardless if CVI can sign for you or if you use the Microsoft sign tool - you do have to buy a certificate, but it's quite doable (example here).

Correct. And the question is what is involved with making a signed app, so folks can run them without having to bypass security settings. (For many corporate environments, they simply cannot install and use our program due to this.) I would "assume" any program compiler could be made to generated signed code, so I expect it is possible with LabWindows -- but alot of LW looks really old so I don't know if the core predates all this.

Confirmed - the CVI deployment utility does have the ability to sign the installer - it's in the advanced section. You do have to provide your own certificate, but how to get one is searchable.

If you're using an older version of CVI that doesn't have this signing capability, or you just want to sign a CVI-built EXE - then you can sign the EXE after it's built using the Microsoft signtool mentioned above.