Back then I mostly worked in VB. Infact, I have not coded anything in years like I used to unfortunately. The community was very giving and very eager to make advancements in knowledge to empower themselves.
A few people custom coded obfuscators, oh jeez lets see if I can remember his name.... aha! JapaBRZ. He was among the first. Run a quick google search on him, hes got stuff published to a few websites. Most was on Leetcoders but the sites been rolled back. I might have his source somewhere actually. A lot of it has to do with adding "junk Code" which is really just fake code and fluff for distraction. Sometimes AV companies use app info such as actual size in bytes, author, version number, other build info like that. Change the build info, change the icon, add more strings that point to eachother, etc. All of that completely throws off AV companies, or rather just makes it seem like they are hunting down "A" but instead see "B" (the new build) so a message comes back to the user as "scan completed. nothing malicious here, move along." Of course, there are two kinds of detectability. Runtime and Scantime. Runtime crypters we called them... something that encrypts your build so that it can run in such a way that an active AV will not see it. Something that was only scantime crypted / obfuscated will get detected when it runs, unfortunately. This turned into a sort of business. People made and ripped off eachothers crypters and sold them. They were cheap and didnt know what they were doing, so the files got detected weekly or monthly, requiring them to re-code parts of the crypter. They got smart and used stubs so they only had to change part of the stub.
It is all very collusive and mostly came down to newbs trying to mass spread their botnets. The only way around all that, like you mentioned, is to not share anything unfortunately. Unique code kept private for small use wont likely get picked up by an AV company. But hell, back in the day as a child when I made a simple SMS / MMS phone bomber in VB it got detected as a trojan. Explain that to me? lol I coded it so I know it was safe. Anyways, thats probably a bit too much info all over the place, but hopefully serves as a brain-dump to get some of you to ask questions and inspire you to research more. I don't really have a whole lot of time to make threads and post stuff, but hey I'm bored at work right now :)