Fwiw, in my recent experience, there is a lot of ransomware that doesn't give a whit if it's running on a VM. Considering the virtualization of America's businesses, it does not surprise me at all that ransomware doesn't hold back on a VM any more.
But for that - just so everyone knows - best practice is (1) don't link up your VMware to use domain credentials, and (2) don't back your stuff up to permanently connected repositories (like "my backup drive is an iscsi connection to a big disk array") or to a NAS that is linked to the domain. Those things mean that bad guys who acquire domain admin have access to all your assets and can scramble at will. Sending copies offsite is the best.
And worst case your business pays and gets it all back, then you have to fix your external access holes RIGHT AWAY because successful perps often sell your system access to additional bad guys.
And also fwiw, I installed the Russian language on my home PCs after reading this because there's no down side and might be free, albeit iffy, protection.
Edit: and if you do that just remember, Windows-Spacebar lets you switch back to your preferred language when you accidentally switch to Russian.