@ambarishrh Ransomware protection is required because users open the files and run the contents (mostly). If your server is not going to open files but instead only host the files for users to access, then the ransomware protection should be on the endpoint.
File cloud compares mime type against file content. If someone uploads a real Word document that's been scripted to retrieve and launch a payload, and the user clicks to allow it to run, this mime checking will be of little consolation since the Word document will have passed the mime check and you're back as the user being the weak link (while their files are getting encrypted).
You're right though, the ransomware protection that is offered as an app for Nextcloud only check for known bad file extensions/names.
https://nextcloud.com/blog/nextcloud-presents-ransomware-protection-app/