Only 1 AV to identify this?

From where: http://urlquery.net/report.php?id=1490821606109
Known infection source: https://www.virustotal.com/pl/url/43bb625e986a35bc92aa432514340d287ce1f460dda204da610ffc59f72d948f/analysis/1490822019/
On that executable: https://www.reverse.it/sample/7ca3ea6836acd782153cf9b70e87ad4bb7492eeffc3277c74e451f7f9c8c45aa?environmentId=100 and https://malwr.com/analysis/MDg5YmZkZThiOTdlNDcxNjkzNWVhOGNlZTc2M2EzMTA/
This is CloudFlare abuse: https://urlscan.io/result/964bb058-3992-4d73-a9fe-2316d353ce1c#summary

Malware on script: -http://www.domxssscanner.com/scan?url=http%3A%2F%2Ffile-5.ru%2Fjs%2Ffunc.js
errors:

found JavaScript
error: undefined variable $
error: undefined function $
variable value does not exist or is undefined…

What’s on that IP: https://www.threatminer.org/host.php?q=104.25.188.19

polonus (volunteer website security analyst and website error-hunter)

Update

Still active as known infection source: http://urlquery.net/report.php?id=1493389442344
Yandex states

may indirectly distribute additional software
According to Yandex, additional software has been added to some files and programs which are offered on the site. When they are launched on your computer, additional software may be installed. Some of it may be secure, others may not and could harm your computer, disrupt other software, or change program settings without your permission.

Go to website (not advisable)

pol

seems file is no longer there, possible log in to get it?

6 month old scan
https://www.virustotal.com/en/file/7ca3ea6836acd782153cf9b70e87ad4bb7492eeffc3277c74e451f7f9c8c45aa/analysis/