diff --git a/rules/windows/other/win_tool_psexec.yml b/rules/windows/other/win_tool_psexec.yml
index b32185913..52aed3992 100644
--- a/rules/windows/other/win_tool_psexec.yml
+++ b/rules/windows/other/win_tool_psexec.yml
@@ -20,4 +20,4 @@ detection:
     condition: service_installation or service_execution or sysmon_processcreation
 falsepositives:
     - unknown
-level: high
+level: low