If you ever end up working in an office, you'll have to do yearly anti-phishing training there too.
That said - I also don't know how anyone runs an executable they've not thoroughly checked over. And like... don't do QA for free. If they're developing this project, they can pay for QA.