We are using Koko-Analytics on our site. One of our (German) users shared a warning from Bitdefender pointing to to Koko-Analytics:
Our repo is clean – we just validated that our files are 100% equal to what was delivered by Koko analytics (and other plugins). So no hack on our side.
Could you please confirm this is a false positive – or clean up your repo… 
