Downloading a program--especially one from an obscure publisher without a positive reputation--is something of a leap of faith. It's a bit like letting a total stranger into your home.
But if you follow these five steps, you should be okay.
[Have a tech question Ask PCWorld Contributing Editor Lincoln Spector. Send your query to answer@pcworld.com.]
1. Do your research
Read up on the type of program you're looking for, and on the particular programs you're considering. Use your favorite search engine to see what people are saying about them. Check out major download sites such as Major Geeks, FileHippo, and Softpedia.
2. Download from the publisher's site
Yes, I just told you check out the download sites, but you don't have to stay there. The publisher's own site will probably have the cleanest, most recent version of the program.
If the publisher's site sends you to another download site, you can safely assume that it has the preferred version.
3. Scan before installing
Your regular antivirus will scan the file as it downloads, but just to be safe, manually tell your AV program to scan the file again. Then use another malware scanner, such as Malwarebytes Anti-Malware, to get a second opinion.
4. Consider that you may have a false positive
Antivirus programs aren't perfect. Sometimes they see malware when it doesn't really exist.
If both scans identify malware, assume it's real. But if one of them gives it a clean bill of health, try other on-demand scanners, such as SUPERAntiSpyware and the Emsisoft Emergency Kit, to get a better view.
Another consideration: When any of these programs finds malware, it tells you what it found. Use a search tool like Google or Bing to learn more about it. You may find out that it's cropping up a lot as a false positive.
5. Watch out for PUPs
If your antivirus warns you that a download includes potentially unwanted programs (PUPs), you can safely install it--but only if you're careful. In fact, you should always watch out for PUPs when installing software.