Hi, CNET wraps most of its listed software in its own download manager, that is basically a small executable that starts and manages the download from CNET servers.
I.e. the CNET's file for PeaZip should be named cnet2_peazip-4_1_WINDOWS_exe.exe, that does not have double .exe extension - there is .exe extension and the filename ends in _exe.
Double extension is usually considered a warning sign as some malware exploits the "hide extensions for known file types" Windows' function, naming i.e a file something.txt.exe: the system hides the .exe extension and the user is tricked to consider the executable as an harmless .txt file, as it reads the visible file name as something.txt.
It is an intrinsic social engineering vulnerability of the otherwise useful function of hiding filename extensions.
You could also avoid using CNET's wrapper clicking on "Direct Download Link" under the download button, that link downloads the installer as deployed by the developer of the application you are looking to.
In any case, both CNET's download wrapper and third parts installers are scanned for malware, as reported by CNET policy.