My guess is that ALL aborted/terminated Web Installations in your LOGs come from suspicious IP addresses and are automated downloads executed from within a sandbox.
For example, the 185.220.70.152 IP in your server LOG which I already mentioned in one of my screenshots (I have attached it again). It has been reported 6 times (Abuse IPDB) and 7 times in Stop Spam.
And please note the "/WP-login.php" attempts directly after the terminated Web Installs (on two different days). See attached screenshot. You said it's totally unrelated because it comes from another IP, but I really think it is related.
IMO, it is time to close this "Source file not found" support thread, wouldn't you agree? SetupBuilder is not responsible for the "8 out of 8 different users failed to complete the web deployment" issue you mentioned in your original post. The automated (hacker/sniffer/whatever) tools started and terminated these Web Installations - the "failed" installation attempts you see in your server LOGs are not real user downloads.
See: http://www.lindersoft.com/forums/sho...0181#post90181
Friedrich