I can’t find on that website where they claim their source is from VX site (what ever that is). Plus you’re referring only to malware, which Avast! performed above average. In auditing, sampling is a good indicator of an error rate. I suppose the same premise works with a virus sample as well. I don’t see anything wrong with the sample size used.