The question is, do these emails actually tell us anything that is not exactly what every security company already does? In reality, not really. The emails show that Kaspersky worked with the Russian government to develop products and technologies to protect the government from threats and to help them counter attacks. This is nothing that does not happen with other companies all over the globe. Most governments are going to use security companies that are operated inside their borders for this type of work as it gives them a bit of control over the product and company providing the services.  
 
We see companies providing incident response, malware protection and other services to many governments. The US also contracts out work to groups to develop some of their own "products" for use in intelligence gathering activities. So, in reality the Kaspersky emails are not anything that should be raising a red flag (no pun intended). They seem to be little more than an extension of the existing narrative that Russia is "bad" and all of it is a threat to the US and their allies.  
 
This narrative has become the source of so much bad and outright false reporting that it is clouding any potential for real investigation into what might really be going on. While there are more than enough criminal groups that operate out of Russia to keep investigators busy the Rumor that Kaspersky is one of them or is an extension of the Russian Intelligence community is simply goofy. It would be like saying that CrowdStrike is an extension of the DNC because they provided the Incident Response and remediation recommendations for the DNC email hack.