Possibly opened a malicious .dmg file on my Mac, not sure wether it installed itself?

Solution 1:

Ordinarily you should still be safe after just mounting the DMG - as long as you haven't actual run anything from within the DMG by double-clicking an icon or similar.

So normally no, you wouldn't have installed the Skype file just by mounting the DMG.

By looking at your screenshots you seem to be running a modern version of macOS. Are you instead running Mountain Lion or older then you could have been automatically infected, as these versions did indeed have a problem with DMGs being able to auto-start programs.

BitDefender, like any other product, can only alert about so many types of malware. It is not a guarantee that it will alert against this specific type of malware/virus, if it is indeed malicious.

The reason I write "ordinarily" and "normally" above is that there's a very slight risk that the file has exploited a problem with the metadata parsing that macOS does of the DMG. I.e. macOS uses information from within the DMG to display images, potentially display license information, etc. It is possible for malware to exploit a security hole within the image decoding library for example to infect your computer just by double-clicking the DMG. However, this seems to be quite unlikely given the information you have presented.

If you want to be really sure what happened, I would suggest comparing the most recent backup from before you downloaded the DMG with the backup taken just after. If no system files have been altered during that time frame, you should be good.