Your first step should be to establish that the malware was not run on your system. Nothing inside of Cargo or Rust will run that specific file automatically, but the crate might contain a build script
The next step is to ascertain if it actually is malware. pelite has an issue where this has been raised:
Ugh this dumb issue, it's a false positive which I already tried to make go away once.
That file contains like 200 PE samples for testing pelite against. These are fairly unusual samples because I wanted to see how pelite would fare and due to their unusual nature tend to get picked up by anti virus.
If you trust the author that it's not really an issue, then there's nothing else to do.
If the author isn't aware of the issue, you can try reaching out to them, following any security contact information they might have (relatively rare for most crates) or opening an issue.
If you don't trust the crate owner or they are unreachable, your final step should be to contact the Rust Security Team via email. Be complete and thorough about the issue and provide as much information as you can.
In my personal opinion, the particular warning you are asking about is a false positive and I would not worry about it. Running an online virus scanner (which I don't know the quality of) reports it as a large number of possible things, in line with what the author said about being a large number of samples.
