I'm Buzzle, moderator of TPSC Discord server. Let me just quickly clarify a few points here:
First, the Python script only plays the role of executing the malware in the ./Phase1 and ./Phase2 folders. It it NOT a ransomware. It's called malex for a reason (MALware EXecutor)
Second, the reason why Kaspersky only get a Pro-active detection ratio of ~80% but still pass Phase1 is due to the fact that BOTH HitmanPro and MalwareBytes detect nothing after Phase 1 and the system have no sign of infection (https://youtu.be/DtHHsJIw1RI?t=249) but ESET clearly did ( https://youtu.be/e0irhY1GOuI?t=166 + https://youtu.be/e0irhY1GOuI?t=401 ). In fact, ESET did not even qualified for Phase2 but we did it anyway
Third, if you think the reason Bitdefender, Kaspersky, and Sophos passed because of affiliations with TPSC, then explain Norton and Comodo's result. We use the same testing method (running all the malware through malex) in every test since Windows Defender. There's no "irregularity" here like you said.
If you want to discuss with us, jump on our Discord server. Link is in the description of the video.