If you can post the virus total URL to the results pages, thanks.
To me it is looking more like an FP by the other AV (what was it ?), as only one detection in the VT info you posted could be even slightly plausible, adware.toolbar; that is such a low key affair/risk as to be dismissed as toolbars if in an installer can usually be opted out of.
The other detection is quite frankly a joke, if the virus is in a password protected archive, how would it be possible to extract the file from the password protected archive to be able to scan it, essentially it can't, so that detection really could be discounted.