Go to the VeraCrypt website (https://www.veracrypt.fr/en/Downloads.html) to download the Windows installer. Since you will be securing sensitive data, VeraCrypt points out that an attacker might have found a way to modify or replace the installer in order to gain access to your data. It is thus good practice to verify if the installer is legitimate or not. To do so, you want to verify the digital signature of the installer by following these steps:

1. Download the .exe installer.
2. After having downloaded the installer, right-click the VeraCrypt Setup[…].exe file and select Properties from the context menu.
3. In Properties, select the Digital Signatures tab.
4. In Digital Signatures, under Signature list, double-click the line saying IDRIX or IDRIX SARL.
5. The Digital Signature Details dialog window should appear. Look for the sentence “This digital signature is OK.” on the top of the dialog window. If the sentence is not displayed, then the file is very likely corrupted.

IMPORTANT: On some older, obsolete versions of Windows, some of the necessary certificates are missing, which is the reason the signature verification fails. Please consider using up-to-date versions of Windows.

For more information on this or a different way of verifying the digital signature of the installer, refer to the Digital Signatures section in the VeraCrypt manual.