These are YOUR partnerships. I realize your application is not directly responsible, but I feel you have an obligation to this community (and yourself for that matter) to ensure your product doesn't get a bad name because you partner up with shady investors.
If opencandy is being exploited (and it is) it should be your responsibility to remove it from the installer. I wouldn't want my software to be in any way associated with a bunch of douchebags that charge $199.00 to remove malware/viruses which they put there in the 1st place.