As petr explained, there is nothing fishy about it.
It is covered in the privacy statement/EULA from avast.
Well I have opted-out of everything I can regarding data collection. Reading the Avast privacy statement here,
https://www.avast.com/en-us/privacy-policy I can find no reference to the backup.exe function. Also, just to be clear, I do not use the Avast Backup Service.
Firewalled it ...
I understand that some telemetry is needed, so I guess the real gripe here is that this is new application behavior which consisted of contacting a remote server. No advance notice was provided to end users. Any decent system administrator who cares about data security would naturally be concerned by a sudden change such as this.
I do not understand many developers assumptions today that it is just ok to grab anything they feel is necessary off the user's PC, that a vague blanket EULA gives carte blanche access to anything at any time.
Hiding behind a EULA does not make it right.