how you will display this, when there is an update for the Launcher available but not for the game itself?
So an update for the bundled app and not for the parent applications.

Today I updated some apps, also the following:

• I had an update for the Elite Dangerous Launcher but not for Elite Dangerous (the game)
• I had an update for Star Citizen (the game) but not for the RSI Launcher

So you should show the user updates for bundles.

But the Launchers can be updated separately from the game.
So there can be new versions of the game available but also new versions of the launcher.
And I can update the launcher but not update the game.

Do you have any idea how you will display this, when there is an update for the Launcher available but not for the game itself?
So an update for the bundled app and not for the parent applications.

• Elite Dangerous
  • Elite Dangerous Launcher

• Star Citizen
  • RSI Launcher
    • 7-Zip

• The Dark Mod
  • The Dark Mod Updater/Downloader
  • The Dark Mod x32
  • The Dark Mod x64

The Dark Mod is not added yet, see https://vulndetect.org/topic/495/the-dark-mod-game-request
The Dark Mod Updater/Downloader is not requested yet, because the version number in the app is not correct

But the Launchers can be updated separately from the game.
So there can be new versions of the game available but also new versions of the launcher.
And I can update the launcher but not update the game.

Here is an other specialty: FreeFileSync
I have installed FreeFileSync normally (not Portable) and I see the following files:

1. C:\Program Files\FreeFileSync\FreeFileSync.exe
2. C:\Program Files\FreeFileSync\Bin\FreeFileSync_Win32.exe
3. C:\Program Files\FreeFileSync\Bin\FreeFileSync_x64.exe
4. C:\Program Files\FreeFileSync\Bin\FreeFileSync_XP.exe

File 1. is detected by VulnDetect.
It is only 462 KB in size and is only a Launcher that starts the correct EXE file (files 2., 3. or 4.) depending on your system.
So when I start FreeFileSync.exe (launcher) then the FreeFileSync_x64.exe is started as child process.

So here you should also show FreeFileSync expandable and show all 3 platform-related files as child.
So it looks like the process tree structure.

What about also bundling multiple instances of the same application?

• FreeCommander XE
  ....

And what about bundling 32-Bit and 64-Bit instances of the same application?
....

The rule of thumb that we will apply to bundling is the following:
If an installer installs both 32bit and 64bit versions, then we intend to bundle them.
If it requires downloading and running two different installers, then it will not be bundled.

In your example with FreeCommander, then we will bundle them, if the "backup" folder is created by the installer. If you created it manually, then we usually consider it separate installations (but manually moving exe files may class with the bundle specifications).
The PortableApps will generally not be considered bundled, but rather separate installations.

indows 10 Professional

I suggested above that you show one line for Windows and below that you should show all applications that are bundled with Windows.
You should also show the exact version number of Windows, like:

Windows 10 Professional Version 1809 (Build 17763.316)

• FreeCommander XE
  • FreeCommander XE (C:\Program Files\FreeCommander XE\FreeCommander.exe)
  • FreeCommander XE (C:\Program Files\FreeCommander XE\backup\FreeCommander.exe)
  • FreeCommander XE (D:\PortableApps\PortableApps\FreeCommanderPortable\App\FreeCommanderXE\FreeCommander.exe)

And what about bundling 32-Bit and 64-Bit instances of the same application?

• Toolbox for VulnDetect
  • Toolbox for VulnDetect 32-Bit (D:\Lazarus\Toolbox for VulnDetect\Released Versions\Version 3.0\Toolbox for VulnDetect.exe)
  • Toolbox for VulnDetect 64-Bit (D:\Lazarus\Toolbox for VulnDetect\Released Versions\Version 3.0\Toolbox for VulnDetect x64.exe)

• For grouped applications show just one entry (like "Microsoft Office 2016") and in front of this entry show a [+] icon, so the entry can be expanded and collapsed.
  If users expand it, they see all applications bundled with that product

• Show all applications (so don't hide any applications) but show them grouped.

Here are some examples:

• SecTeer VulnDetect
  • 7-Zip (C:\Users\All Users\chocolatey\tools\7z.exe)
  • 7-Zip (C:\ProgramData\chocolatey\tools\7z.exe)
  • chocolatey (C:\Users\All Users\chocolatey\choco.exe)
  • chocolatey (C:\ProgramData\chocolatey\choco.exe)

• NVIDIA GeForce Experience
  • 7-Zip (C:\Users\All Users\NVIDIA Corporation\Downloader\PostProcessing\GFE\a5c55c300a0970b183a69782967dfc59\GFExperience\7z.exe)
  • 7-Zip (C:\ProgramData\NVIDIA Corporation\Downloader\PostProcessing\GFE\a5c55c300a0970b183a69782967dfc59\GFExperience\7z.exe)
  • 7-Zip (C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\7z.exe)

• Windows 10 Professional
  • Adobe Flash Player (C:\Windows\System32\Macromed\Flash\Flash.ocx)
  • Adobe Flash Player (C:\Windows\SysWOW64\Macromed\Flash\Flash.ocx)
  • curl (C:\Windows\System32\curl.exe)
  • curl (C:\Windows\SysWOW64\curl.exe)
  • Microsoft OneDrive (C:\Users\user1\AppData\Local\Microsoft\OneDrive\OneDrive.exe)
  • Microsoft OneDrive (C:\Users\user2\AppData\Local\Microsoft\OneDrive\OneDrive.exe)
  • Microsoft OneDrive (C:\Users\user3\AppData\Local\Microsoft\OneDrive\OneDrive.exe)
  • Microsoft Silverlight (C:\Program Files (x86)\Microsoft Silverlight\sllauncher.exe)
  • Microsoft Silverlight (C:\Program Files\Microsoft Silverlight\sllauncher.exe)
  • OpenSSH for Windows (C:\Windows\System32\OpenSSH\ssh.exe)

• Google Chrome
  • Adobe Flash Player (C:\Users\user1\AppData\Local\Google\Chrome\User Data\PepperFlash\32.0.0.142\pepflashplayer.dll)
  • Adobe Flash Player (C:\Users\user2\AppData\Local\Google\Chrome\User Data\PepperFlash\32.0.0.142\pepflashplayer.dll)
  • Adobe Flash Player (C:\Users\user3\AppData\Local\Google\Chrome\User Data\PepperFlash\32.0.0.142\pepflashplayer.dll)

• Star Citizen
  • 7-Zip (E:\StarCitizen\RSI Launcher\resources\app.asar.unpacked\node_modules\7zip\7zip-lite\7z.exe)

However, this is still several weeks away.

No problem, important is that you have it on your To-Do list.

However, this is still several weeks away.

• Microsoft Office 2016
• Microsoft Access 2016
• Microsoft Excel 2016
• Microsoft OneNote 2016
• Microsoft Outlook 2016
• Microsoft PowerPoint 2016
• Microsoft Publisher 2016
• Microsoft Word 2016

It would be cool to see only one entry called Microsoft Office 2016 that can be expanded to see all enclosed products.

But this feature could also be used to group bundled applications, like Microsoft Office.
I see an entry Microsoft Office 2016 and can expand it.
Here I see all apps of the bundle, like Word, Excel, PowerPoint and so on.