https://www.hybrid-analysis.com/sample/a9a8dc4ae77b1282f0c8bdebd2643458fc1ceb3145db4e30120dd81676ff9b61?environmentId=7
https://www.virustotal.com/en/file/a9a8dc4ae77b1282f0c8bdebd2643458fc1ceb3145db4e30120dd81676ff9b61/analysis/
It is a Hacktool HDRoot!
Why should Avast block it?
It is a fully legitimate part of Windows!
https://msdn.microsoft.com/en-us/library/windows/desktop/ms739947(v=vs.85).aspx
Please leave analyzing to people who know what they are doing.
Kaspersky has analyzed the file and it is a hacktool HDRoot! Please see before commenting, @Eddy. https://securelist.com/analysis/publications/72275/i-am-hdroot-part-1/
And the main thing is that Avast! can't protect from this type of threat.
It was protected by a commercial VMProtect Win64 executable signed with a known [b]compromised certificate[/b] from Chinese entity [b]Guangzhou YuanLuo Technology[/b]. Moreover, the properties of the executable read as if it were [b]Microsoft’s Net Command net.exe,[/b] and even running the sample also resulted in output typical of the original net.exe utility:
So it seems this info is fake:
Copyright: © Microsoft Corporation. All rights reserved.
Publisher: Guangzhou YuanLuo Technology Co.
Product: Microsoft® Windows® Operating System
Original name: net.exe
Internal name: net.exe
File version: 6.1.7600.16385 (win7_rtm.090713-1255)
Description: Net Command
Signature verification: Signed file, verified signature
Signing date: 11:40 AM 6/4/2013
Signers:
[+] Guangzhou YuanLuo Technology Co.
[+] VeriSign Class 3 Code Signing 2010 CA
[+] VeriSign
Counter signers:
[+] Symantec Time Stamping Services Signer - G4
[+] Symantec Time Stamping Services CA - G2
[+] Thawte Timestamping CA
But I am not talking about that. Please see https://www.virustotal.com/en/file/c094b563b0e604524bccf11e641502f8b5a5115af0bf18b03532556ab1a729d9/analysis/
If Avast! does not block that, no problem for me; I have Hitman Pro as a second opinion scanner.
Emsisoft Emergency Kit - anything you would like to say? @Eddy