Clam AV false positive?
Over the last few says, my hosting company has been flagging multiple sites webassist/ckeditor.js file as malicious (pua.http.exploit.cve_2015) and as a result blocking port 80 until it is removed.
They use Clam AV and I have suggested to them that this is possibly a false positive but they are adamant that these files are a problem.
I run the scan through cpanel and it does show up. I then delete the file and upload ckeditor.js from a different recent install and then run the clam av again and it doesnt flag anything.
Am just wondering if there is indeed malicious content in the file or if it is a false positive and, if the latter, what (if anything) can I say to the host to get them to realise that they are the issue and not the file?
I have attached an 'offending' file.