This "virus/trojan" you've downloaded is just a PNG with some vbscript code pasted in the end. You can verify this with any hex editor like
HexEd.it - Browser-based Online and Offline Hex Editing by opening the image that prompted this warning and scrolling to the bottom. The specific script being used was taken from
here and slightly altered. This is made very clear by the fact that they copy and pasted the comment as well.
Does this do anything? No. You can't just paste code at the end of an image file and have it run, this would make the internet ridiculously insecure. The file is completely harmless and you're in no danger. My test machine has no anti virus and windows defender is completely disabled and I can verify this image does absolutely nothing.
If you're wondering why it still gets picked up as a trojan, that's because it still "contains" malicious code. Windows defender sees this code and flags it as being suspicious. This does not mean the code is being executed, the OS can't tell what code is going to be run until it's actually executed.
You are perfectly safe to ignore this windows defender message.
