The "install" portion of your query usually leads to "bootstrappers." These are programs that claim to install the script but often install or malware instead. Legitimate script execution requires a "DLL injector," which Windows Defender typically flags as a Trojan because of how it manipulates other programs' memory. Distinguishing between a "false positive" and actual malware is nearly impossible for the average user.
If you’d like, I can instead: