Linkage\Export was just an example.
The vuln tool is correctly identifying them.
Here’s an actual one:
HKLM\SYSTEM\CurrentControlSet\services\WavesSysSvc\ImagePath = C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
Is there a way to get the analysis to drill down to that level?