Anything's possible, but you should know that false positives are very much part of the landscape with pretty much *any* antivirus software. When you have a question like this instance, it is often a useful exercise to submit (upload) the file in question to Virustotal.com. This will give you a report showing -- for example -- that just 2 out of 59 common AV products consider this item to be malware. While that may not be an absolute final verdict, it does start to give you some reasonably good idea. The _real_ malware items should produce a lot more hits than that, in the vast majority of cases.
Sometimes the analysis
of that site will tell you that this item has been submitted previously, and do you still want to resubmit it ? Check the exact file size, name, and date, because there can be multiple versions of a file. You always have the option to force a fresh scan by them, anyway. (I think there is some file size limit for these scans, but you will probably not be exceeding it.) Their service is free.
Some web pages will report malware being present if you visit them. Virustotal can check URLs as well. I have seen very likely false positives from different AV products in this regard as well. Or,
it may actually be something else that is the source of the "red flag", such as outdated Apache server software, which is said to open the door to various exploits.
From: Adriano Ortile
To: xywrite@xxxxxxxxxxxxx
Sent: Tuesday, October 21, 2014 6:37 AM
Subject: Malware in Jumbo U2 version 120
Hi all.
I downloaded the new Jumbo U2 kindly made
available by Robert and Carl. Before to use it, I've checked all of the files
with my anti-virus program, and it found the malware "Dropper.Gen" be inside the
executable file "undo.exe", part of the zip download.
Is U2 really infected?
Thanks for your help.
Adriano Ortile