TLDR: If your Microsoft Form keeps getting automatically flagged as suspicious, this can be because you used certain "trigger" words such as "login" on your form. It seems that the scanner is looking for anything that could indicate phishing for credentials, so if you have problems, remove any words or field names that could be misinterpreted. It's likely that other terms like "password" will also create problems.

Example: I made an event registration form, which included the sentence "...the organisers will send you login details for the Zoom meeting in due course."

Microsoft Forms started plastering terrible "this form may not be safe" warnings all over it, thereby scaring off anyone that actually wanted to use it. The problem was that I had used the word "login" in the form description, which was enough to trip the automated review mechanism and flag it as potential abuse.

Deleting that single word removed the warning notice after a few seconds.