You can download QScanner from the Qualys downloads page.
After downloading, you receive a shell script file. By executing this script, your system's configuration including the OS and architecture are assessed, and a suitable QScanner binary is downloaded accordingly. QScanner also performs SHA256 (Secure Hash Algorithm 256-bit) checksum validation on the downloaded binary.
Once the binary is successfully downloaded, you can either run it directly or incorporate it into your integration systems as needed. QScanner binaries are signed. To validate its signature, you need to provide a public key using -k <public-key> flag. To get the public key, contact Qualys Customer Support.
To know more details, run download_qscanner.sh -h.
Currently, QScanner can be executed only on Linux OS which is hosted on amd64 and arm64 architectures.