Thank you for your response. I cannot see that PC would be infected (using AVAST, Microsoft Defender/Firewall with weekly scheduled scanning for viruses and malware). How could someone got knowledge about private keys?
Antiviruses are not impenetrable. It's entirely possible that it was a well designed malware. Did anyone else have physical access to your computer besides you?
Was the reason that Core node (and wallet) had to be open for several weeks for it to be synchronized?
Yes.
As the linked mining address cannot be changed for already pending mining assets, I can only hope to be quicker and to withdraw the mining deposit as soon as it comes to another address? Can I still use the same Core version to make new address (in order to make deposit/withdrawal from compromised to a new one) or is it better to download new version?
You should backup important files and wipe your computer first. You can install Bitcoin Core again to import the compromised wallet.dat for the sole purpose of withdrawing the funds that has yet to be sent. If the attackers are any smarter, they probably would be faster than you and use a script to monitor the addresses.