Which part, specifically? The only restriction on the EAR I see that applies is that on encryption, and Part 742.15(b) provides an explicit exception for software where the source is publicly available. That's why, for example, non-US citizens must request a special license to download the paid Metasploit version but can download the open source version freely[1].
Journal of National Security Law and Policy, Vol. 8, No. 2, 2015. Quite the argument made there that EAR and ITA do indeed deal with the making and distribution of cyber weaponry.
I think that article only emphasises that it is not subject to those regulations. Quote:
We conclude that, at a technical level, the distinction between weaponry and non-weapon malicious software lies in the payload component of the tool, which must be capable of creating destructive digital or physical effects
Meatpistol is only a framework, therefore there's no payload component.
[1] https://community.rapid7.com/community/infosec/blog/2015/06/...