Seriousness of the threat
This is what it can do :
PWOLauncher : Download/execute file, or execute local file
PWOHTTPD : Spawn a HTTP server on the victim machine
PWOKeyLogger : Log keystrokes on the victim machine
PWOMiner : Mine bitcoins using the victim CPU/GPU
PWOPyExec : Execute Python code
PWOQuery : Query remote URL and return results
This list basically means that are in remote control of infected PCs. They can detect passwords, launch whatever they want and generally benefit from all the resources of the machine.
I rank that as rather serious. I certainly hope it can be detected and blocked by my current AV solution, although I must admit that I tend to not download its targeted carriers (Quick PDF to Word, XoristDecryptor, Easy Barcode Creator, Kingston Format Utility and the others are really not in my interest zone).