Solution: Don’t run executable code from unknown sources.
The .exe may be perfectly fine, from a known source. Yet a malicious payload might be hiding in a .dll.
Freshly downloaded .dll from a compromised update (supply chain attack).
According to your logic, these 29,000 users did nothing wrong:
As many as 29,000 users of the Passwordstate password manager downloaded a malicious update that extracted data from the app and sent it to an attacker-controlled server. Bad actors compromised its upgrade mechanism and used it to install a malicious file on user computers.