I can't give you a definitive answer (as an avast user like yourself), but a known threat could be a known means of exploit/entry but hasn't physically been detected. There is probably only a very thin line between both definitions.
I generally I don't allow any autonomous actions preferring to make that decision myself. That way I would at least know what program/file the behaviour shield is referring to and why it might be making that detection.