Yes, my website is on this machine. It is a dedicated server running Windows Server 2012 R2.
By default when something is uploaded or created using PHP, the file is created in the temp folder (based on my understanding), then moved to the upload location as soon as the file is fully uploaded.
By the looks of it the antivirus detects the upload/file creation before it is fully finished.