You can install it, then modify the main file to remove the parts of code and then be sure, not to update the plugin afterwards.
It seems to be only this part of the plugin that is malicious.
Same issue when using escape/unescape.
In the eeb-class you could use
eval(decodeURIComponent(....))
instead of
eval(unescape(....))
which also works with utf-8.
