
Issue 618542

Starred by 1 user

Issue metadata

Status: Duplicate
Owner: ----
Closed: Jun 2016
Cc:
EstimatedDays: ----
NextAction: ----
OS: ----
Pri: ----
Type: Bug-Security




Security: Save hidden executable in users computer using 'Save Page As'

Reported by iqaba...@gmail.com, Jun 9 2016

Issue description

VULNERABILITY DETAILS
If we reference a .exe using a link tag like:

<link rel="stylesheet" href="http://localhost/calc.exe" />

then we have the user 'CTRL+S' (save page as) and by default (I believe) it's set to 'Web Complete'

Tested on latest nightly. Also looks like Google Chrome has the same behavior, which does not look like a safe and expected behavior.

VERSION
Chrome Version: [50.0.2661.102] + [stable]
Operating System: [Windows OS]

REPRODUCTION CASE
1. Host index.html on localhost and have the following:

<html><head><link rel="stylesheet" href="http://localhost/calc.exe" /></head><body></body></html>

2. Host a .exe file as well (calc.exe in this example)

3. Visit http://localhost/index.html

4. Hit 'CTRL+S' and by default it should show 'web complete' as type

5. After saving, the .exe executable is present in 'index_files' folder locally.

The only danger here is if the user opens the file himself, or if in the future there was some sort of exploit that requires there to be an attacker-controlled binary present.

We can potentially also have a .lnk or .url file be downloaded as well, which points to the executable, and have the user open our URL file by telling them this is where our website is or something, successfully executing the application.
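
A defender-side check for the behaviour reported above, as an added example that is not part of the original report or of Chromium's code: it walks saved-page companion folders (the report's 'index_files') and flags files with the extensions the report names or with a PE 'MZ' header. The function names, the extension list and the sample files are assumptions constructed for the illustration.

```python
import os
import tempfile

# Extensions named in the report; the set is an assumption and can be extended.
RISKY_EXTENSIONS = {".exe", ".lnk", ".url"}
PE_MAGIC = b"MZ"  # first two bytes of a Windows PE/DOS executable


def audit_saved_pages(root):
    """Return sorted (relative_path, reason) pairs for risky files in *_files folders."""
    findings = []
    for dirpath, _dirnames, filenames in os.walk(root):
        # 'Save Page As' stores subresources in '<page name>_files' (the report's index_files).
        parts = os.path.relpath(dirpath, root).split(os.sep)
        if not any(part.endswith("_files") for part in parts):
            continue
        for name in filenames:
            path = os.path.join(dirpath, name)
            reasons = []
            if os.path.splitext(name)[1].lower() in RISKY_EXTENSIONS:
                reasons.append("extension")
            try:
                with open(path, "rb") as fh:
                    if fh.read(2) == PE_MAGIC:  # content check, independent of the name
                        reasons.append("pe-header")
            except OSError:
                reasons.append("unreadable")
            if reasons:
                findings.append((os.path.relpath(path, root), "+".join(reasons)))
    return sorted(findings)


def demo():
    """Build a constructed saved-page layout in a temp dir and audit it."""
    with tempfile.TemporaryDirectory() as root:
        files_dir = os.path.join(root, "index_files")
        os.makedirs(files_dir)
        samples = {  # constructed sample data, not real binaries
            "style.css": b"body { margin: 0 }",
            "calc.exe": b"MZ\x90\x00constructed-stub",
            "theme.css": b"MZ\x90\x00constructed-stub",  # PE header under a non-.exe name
            "site.url": b"[InternetShortcut]\r\nURL=http://localhost/\r\n",
        }
        for name, data in samples.items():
            with open(os.path.join(files_dir, name), "wb") as fh:
                fh.write(data)
        return audit_saved_pages(root)


if __name__ == "__main__":
    for rel, reason in demo():
        print(f"{reason:20} {rel}")
```

Pointing `audit_saved_pages` at a downloads directory reports each flagged file with the reason it matched; the ordinary stylesheet in the constructed sample is not reported.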
 
Cc: jialiul@chromium.org
Mergedinto: 599224
Status: Duplicate (was: Unconfirmed)
Thanks for the report! This is a known issue.
Project Member

Comment 2 by sheriffbot@chromium.org, Sep 16 2016

Labels: -Restrict-View-SecurityTeam
This bug has been closed for more than 14 weeks. Removing security view restrictions.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
Project Member

Comment 3 by sheriffbot@chromium.org, Oct 1 2016

This bug has been closed for more than 14 weeks. Removing security view restrictions.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
Project Member

Comment 4 by sheriffbot@chromium.org, Oct 2 2016

This bug has been closed for more than 14 weeks. Removing security view restrictions.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
Labels: allpublic
