See: https://www.virustotal.com/nl/url/c7d3f460bbaae900df5fdbae80961c29b69d9d8d4dd0eb703e0a52e2af7dd3c2/analysis/1398959649/
see: https://www.virustotal.com/nl/file/8b9aa6a22e87937beb32ccd041f7e99f1b197f080c3c6b197147c49e71e15fef/analysis/1398943081/
Is this a NSIS PUP dection?
For the particular download site’s risks and incidents ->: http://www.herdprotect.com/domain-www.joydownload.com.aspx
OpenCandy is being used by software-makers and will send feedback as how the software is being used.
In that way OpenCandy can be considered spyware, hence these PUP detections.

pol