Well, Czardas, as you saw from that Japanese file scan it was a Section Header Heuristicakl detection - AMW10-100
About these heuristical flags:

Possible Header Infection

If the entry point of a PE program does not point into any of the sections but points to the area after the PE header and before the first section’s raw data, then the PE file is probably infected with a header infector. This is an extremely useful heuristic to detect W95/CIH-style virus infections and virus-corrupted executables.

That was the cause of the FP if it was one, but on the other hand IDS detection also found that on the header response from the uri we uploaded at netquery.
So interesting how the reactions will be…

polonus