Windows has shown great number of downloads everytime we put out a release.
Adding the error message to the installation seems trivial so we should go with that.
If possible, we might also want to probe the registry key one time during setup, and write that to the log file. This reg flag will indicate whether the firewall is on/off and then emitting the message -
Invoke-Command -ComputerName <servername> -Credential <username> -ScriptBlock
Since this is installer, I'm hoping we can get this in for sherlock.