Same thing for me - looks like two false positives today - one for bit.ly (in wp-content/themes/storefront-elegance/functions/functions-changelog.txt - but file hasn't changed since February).
Neither seem to be malware but both contain websites that presumably were fine and are now dodgy. I was alarmed until I realized neither file had been changed recently.
Not sure if this is a bug or not...
Best regards,
alison