Good info.
Note that only one AV engine (Cynet) pointed to a module in question during VirusToral scan. The reason was “File is not signed”. So as you said FP is quite possible…
One of the most interesting of my questions is that Avast full scan does not determine a problem, but quarantines the module and issues a threat alert… Hopefully Avast Lab will respond soon and mystery will be solved