Since the system doesn't know if said person can be trusted or not, it by defailt blocks it and gives you the warning, leaving the system's user to decide. Both tools described above can be both helpful/constructive or harmful/destructive, it all depends on the user. Said programmer/user in this case isnt on the list of trusted people (which by default only really includes some big names like Microsoft), so the system doesn't know if it should trust them or not. The system can see who the programmer is (if things are set up properly) which it then references against a list of names.
The programmer is a user of said tool in this sense. If we want an anology to help picture what is going on, the program is a tool, be it a hammer or a nail gun. Speaking from A) experience, B) decent conversations with the developer of SRML, and C) my own CIT course in college, i can say that what the program is doing here in of itself isn't a threat. Will give a more detailed explanation below. For a few reasons, SRML and UMF are stuck patching data into games in a similar fashion to a number of viruses and other malicious programs, its this method of patching that the computer is detecting as a threat. While definitely a fair concern, the system doesnt read exactly what it is trying to do, and rather the basic processes.
