I've looked around, and the only free SSH tool for Windows that has a single HTTPS mirror is 'kitty': https://www.wuala.com/9bis.com/public/build/

There's binary OpenSSH releases for Windows, but they're all hosted on sites that don't do HTTPS. It seems like all Windows free software has a general lack of following security best practices when releasing or mirroring software.