That is certainly somewhat strange, as Lisandro mentioned, we thought that the CyberCapture function only dealt with executables downloaded from the internet. Whilst we understood that this restriction to only that would be expanded at some point, but I hadn't seen anything to say that its scope had changed.
This is certainly the first that I have seen outside of executables downloaded from the internet.
This needs feedback from avast developers.