With all respect to the developer (could be a nice guy) if you really need to give something for free give the source code of the web application it self, what you basically did is wrap up a webpage on an exe *of course it doesn't have a virus but still unsafe* and you are collecting private api keys from people, this application doesn't communicate directly with the exchange, it connects to your server first and that is very obvious.
Sorry again, I am just giving a headsup because you are not a prophet so I cannot trust you enough, I trust only what I can see and compile or run on my own server or computer without it using your server.
Regards
It's all open source on Github.
https://github.com/gobeli/pump-and-dump I mean, you could literally find the link to the source code below the download link.
https://imgur.com/0bSrPNaFeel free to look through everything and compile it yourself. Nothing fishy going on and no API Keys are being collected.
Open your eyes! Read before you post!