The code has already been commented by other answers. My review focuses on your development process around this attempt.
To anyone attempting to run the executables: do it in a VM only. Disconnect the VM from the network and reset the VM to a snapshot afterwards. You don't know what those executables are doing.
Don't upload executables into a Github project as part of the source code. Instead, create a release with the utilities given by Github and attach the executables there.
It does not work. Have you tried running it? On my system, SampleMalware.exe is not copied to the system32 directory and there's no Registry key being written. Probably the executables are missing administrator privileges. I am using the executables you provided on Github. Their manifest file says, it should be run "asInvoker".
It still does not work when I run the executables as Administrator. That's because Windows Defender detects the executables as "Trojan:Script/Conteban.A!ml". If you write malware, check whether it's detected or not, using several virus scanners, Windows Defender being the first one, since everybody has it.
The malware is a separate executable. The installer is quite useless if the malware is not present. If people pass on the installer (which you want), they might not have enough technical knowledge to pass the malware with it. Therefore, you want to embed the malware into the installer, so everything is a self-contained package.
There's another reason to do the same thing: As of now, the malware is an executable which is located right beside the installer. That way, it can be easily detected by virus scanners. You don't want the malware be detected before it is installed.