A developer created a custom version of their program (a timer) for our charity, but my avast behaviour shield flags it with idp.generic and dumps it into the virus chest when I execute it, how can I know if it’s a false positive or if it contains any malicious code?

Virustotal analysis is mostly clear, but it was the avast behaviour shield that flags it, not the virus scan: https://www.virustotal.com/#/file/c89a53e5c389e1124596c09e5f528cfa9d3da02f5de31bb7ff12aa7ca4b762eb/detection

Thanks in advance!

Report it to avast lab

See my post here. https://forum.avast.com/index.php?topic=14433.msg1289438#msg1289438

Will do, thank you for the link.