I did a little bit of investigation on this and it seems the framework also gets a false positive.
Linux Malware Detect seems to flag files as malware when scanning files contain certain string patterns. For example, save the following string as a text file and scan it with Linux Malware Detect.
']; $GLOBALS['some_characters_admin(the part some_characters can be changed to any alpha-numeric characters)
You will get a false positive regardless of the file name and the size. The framework happened to use code that matches such pattern and thus it was flagged as malware.
I hope they update their virus definitions. For that, anybody who saw this post, PLEASE send an email to proj at rfxn.com and tell them to remove the plugin and the framework from their definitions.
Thank you.
