It would be easy if ransomware actually worked like the simulator but since there are numerous ways how to encrypt files, actual malware usually works differently. Moreover, the simulator won't encrypt your own files plus it's relatively already widespread which are another factors that substantially affect detection.
Finally when it comes to ransomware, you could just find yourself plain screwed.
Such was the case last year when a security researcher discovered a vulnerability in the Win's Encrypting File System; i.e. EFS, that would allow an attacker to deploy that to maliciously encrypt a target's files. Microsoft, as expected, initially "pooh-pooh" it but came to its senses and patched it. This one caused Eset and a whole bunch of other AV vendors to issue security advisories. Luckily, this one wasn't exploited in-the-wild.