Malware is unfortunately nothing new, and it's nearly impossible for communities such as itch.io to make the site 100% free of malicious software no matter how well moderated it is. Now I've been a moderator on an other game site, and a few things came to my attention.
If you see a game with high quality graphics in the screenshots but the downloads are less than 1MB, you can be pretty sure it's just malware. I've only seen such low download sizes with games that use the console or are even entirely set up as a batch file (which is then mostly noted in the description as well). Very large downloads that turned out to be malware were very rare in my experience (not entirely non-existent, though).
What I also saw a lot with malware games was that they were dupes of legit games and then just searching the website can be a good idea.
Now much malware focusing on Windows is only a logical step as Windows is one of the most used systems, however as Linux is gaining popularity lately, it only stands to reason that Linux gets more and more interesting for malware developers. Although Linux is an environment that may be harder for malware to do crazy things with, there's always a possibility and malware developers are used to challenges, as they have to outsmart anti-virus software (which also gets more and more sophisticated) all the time.
Now what can also be a good one. I've seen multiple games from the same dev account reported in my own moderator days and all the malicious downloads turned out to be IDENTICAL on all the "games" they uploaded.
Well, I don't want to pretend I'm an expert on malware, but at least I can share what I've seen a lot