by Gostev » Fri Nov 18, 2016 10:25 pm people like this post
False positive, use this site to double check the file in such cases > https://www.virustotal.com/ Different vendors use different checksum algorithms, so this is the easiest way to confirm a checksum collision.
i believe the issue with AV picking up malware/ransomware false positives is due to AV detecting file replication dlls/exe. i have a similar issue with another vendor and its replication executable, i will not name it here, but this was with Trend Micro flagging the file as ransomware. i was told the file detected wouldnt be removed from the AV detection engines.