It does raise the bar significantly. There are 3-4 ways for system level keyboard monitoring, and all were detected. So a malware writer has to either disable the AV first, or hook individual applications one at a time instead of the whole system (and this exposes it to injection detection heuristics).