False Positive with F-secure online scanner?

Hi all. I was going to try out the new version of F-Secure’s online scanner, but while it was downloading the necessary files, avast comes up saying that one of them is infected with Saturday 14th-669. The precise location for where the file was downloaded to was:

C:\DOCUME~1\USERNAME\LOCALS~1\Temp\OnlineScanner\updates\6\infopak_fsbwserver.f-secure.com_80_377428189\cran.cvd

and the results from submission to Jotti’s malware scan and Virustotal:

http://virusscan.jotti.org/en/scanresult/ba193b997ae213164348a79e6f5a138756aaa9ab/4bac82020e6b584eb42bccb8568b4885acb0e3be

http://www.virustotal.com/analisis/1293122a3a071666296fe48c1bb627b430ed1a6b60bbbfe7b44f97cc16919195-1248019801

For now, I’ve had the file moved and renamed by avast, and am in the process of performing a full scan of my system. I’d say it’s probably a false positive considering the fact that I’m fairly certain F-secure is trustworthy, and that there does not seem to be a consensus between scanners as to whether the file is infected and if so, what it is infected with.

Edit:

Also located inside of a zip folder in the same location:

C:\Documents and Settings\USERNAME\Local Settings\Temp\OnlineScanner\updates\6\fsbwserver.f-secure.com_80_377428189_infopak.zip\cran.cvd

What is possibly happening is that the tester doesn’t encrypt its virus signatures and any resident is going to detect that unencrypted signature, after all that is what it is meant to do. This however, is supposition on my part, but a likely scenario.

With a detection rate of 33% on VT and Higher on Jotti would tend to indicate it isn’t a false positive and given the many different malware names given it could mean they are detecting other unencrypted signatures in the file.

http://www.google.com/search?q=cran.cvd