Justin Clift authored Jul 15, 2016 and Brad King committed Jul 21, 2016

Protect our `$0` reference in the shell as `"$0"`.  Otherwise it works
with a space in the path only due to an insecure Windows feature.

Prior to this fix, any installer using the option added by commit
v2.8.9~234^2 (Added CPACK_NSIS_ENABLE_UNINSTALL_BEFORE_INSTALL,
2011-06-11) exposes a local privilege escalation vulnerability.

Reported-by: Amir Szekely <kichik@gmail.com>
Reported-by: Ug_0 Security