Thank you for your previous fixes. Sadly, problem returns again.

As an example, trainer made by CheatEngine forum member. His trainer is flagged as Win32:Malware-gen.
I’m using “avast! Free Antivirus 2014 9.0.2013”

I attached:
Banished Trainer (x32).exe - flagged as Win32:Malware-gen

Banished Trainer (x32) (NO RCData).exe - flagged as safe, Avast doesn’t find anything suspicious. I removed RCData (Embedded data) with Resource Editor.

Extracted from EXE resource, RCData, with Resource Editor:

ARCHIVE - flagged as safe. As mentioned earlier in my posts, this is zlib archive, and contains essential files: two DLL files, one EXE file (cheatengine main EXE), one LUA file, one CETRAINER file (which is XOR-crypted CheatTable file). Basically, it contains some files from “C:\Program Files\Cheat Engine 6.3”. Worth to mention - Avast doesn’t find anything suspicious in “C:\Program Files\Cheat Engine 6.3” directory. Main trainer exe (Banished Trainer (x32).exe) saves it as CET_Archive.dat.
cheatengine main EXE - it can be cheatengine-i386.exe or cheatengine-x86_64.exe.

DECOMPRESSOR - flagged as safe. This is executable file. It extracts ARCHIVE and executes another EXE file. It is the same file as standalonephase2.dat from “C:\Program Files\Cheat Engine 6.3”.

Components are clean. Combined into one EXE, false-positively flagged as malware.

Link to sample:
http://www.mediafire.com/?c7r2j5i9zc623dq

I’ll use contact form too.

EDIT:
Valerij Medviď, thank you. It is fixed.