Does anyone know the legal status of this project? I was pretty excited about it as it bills itself as a “re-implementation”, but looking at the code like this for example [1] it seems suspiciously like a straight up disassembly/reverse engineering of the original. That would explain how they’re able to keep the logic practically identical.

[1] https://github.com/OpenRCT2/OpenRCT2/blob/develop/src/openrc...

Same as OpenTTD. Both were disassembled and ported to C(++), which was viable since the games were written in assembly. So depending on which country you're in this may or may not be legal.

Even if it were cleanroom reverse-engineered, the code contains many constants relating to game balance (and many other things) that are identical to RCT2 or RCTC (RollerCoaster Tycoon: Classic, the mobile port which was also released on PC), without which the game would not function, which probably makes it a derivative work.

That being said, I'm fairly certain it was not cleanroom reverse-engineered.

The not-so-legal status, then, is "Atari does not care".

You need the original RCT2 assets to play it and it’s not super well known, so technically using this is not a lost sale for Atari.

"Some anti-virus products may falsely report OpenRCT2 being unsafe"

nothing against this software, just pondering over this ... what would prevent a malicious software to make a similar claim, and if we always trust the software we download, wouldnt that reduce the amount of reasons to use anti virus software in the first place?

I suspect it may relate to the way it accesses other executable file directories - it scans for the RCT2 data files, which are in another executables folder structure, so rather than just sticking to the install folder and the shared documents area, it's looking at other files, which could reasonably trigger a virus scanner looking for "weird" behaviour.

Virus scanner false positives are slowly becoming my personal hell. From my experience, they aren’t even remotely anything as sophisticated as you suggest, but the fact that people believe that antivirus software can actually do this kind of analysis helps the vendors sell their snake oil. If they would be triggered by any actual behavior, changing random compiler flags wouldn’t usually remove the false positive. But you have to do that kind of tinkering, or users will be scared.

False-positive like this are 99% of the time based on (dubious) heuristics, you can usually see that from the name of the match which will be very generic.

Semi-related note, AV tests of the last 2-3 years consistently show the Win10 built-in Windows Defender perform on-par or outperform other AV products on security, and outperform nearly all of them on performance.

Some antivirus seems to be just an allow list for programs. So least used software (like, a program that you have compiled 5s ago) are always marked as suspicious.