False Positive: Site Blocked - HTML:Script-inf

[a.vagamundos]

Avast is blocking our website wxw.vagamundos.pt claiming that it is infected with HTML:Script-inf[Susp].

We believe it is a false positive because our website is monitored 24/7 by Sucuri (premium account) and all the reports say that it is clean of malware.
We also checked for virus in several websites and all of them show that the site is not infected/blacklisted:

https://www.virustotal.com/gui/url/9cc4af13183fbbff4724da3174298b7d27eea4d8e4cf76c69ef37c400ea84c2c?nocache=1
https://labs.sucuri.net/blacklist/info/?domain=vagamundos.pt
https://www.siteadvisor.com/sitereport.html?url=vagamundos.pt
https://yandex.com/safety/?url=vagamundos.pt&l10n=en
https://transparencyreport.google.com/safe-browsing/search?url=https:%2F%2Fwww.vagamundos.pt%2F

We already filled a report yesterday at https://www.avast.com/false-positive-file-form.php but we got no feedback.

Since we work in the tourism sector weekends are usually very busy and many readers of our site are reporting that they cannot access our website, and that is hurting our brand image and company profit.

Can someone here helps us checking these false positive issue and help us with the site unblock? 
Thank you so much for your time.

[Pondus]

Unmask/Sucuri. https://unmask.sucuri.net/security-report/?page=www.vagamundos.pt

[a.vagamundos]

Thank for your help. The Suspicious Inline Script is from WP Rocket plugin, a very popular plugin:
class RocketLazyLoadScripts{constructor(){this.v="1.2.3",this.triggerEvents=["keydown","mousedown","mousemove","touchmove...

We have Sucuri premium monitoring the site and I runned another scan and it keeps showing no issues, even on server side (print screen in attach). Therefore it seems a false positive to me.

[a.vagamundos]

Unmask/Sucuri. https://unmask.sucuri.net/security-report/?page=www.vagamundos.pt

I just tried running the test again and it is showing no issue now:
https://unmask.sucuri.net/security-report/?page=vagamundos.pt

[polonus]

Still website will kick up a 404 error and cannot be scanned:
hxtp://vagamundos.pt/.git/HEAD
This is  being flagged at Sucuri's.
Read:
httpss://serverfault.com/questions/128069/how-do-i-prevent-apache-from-serving-the-git-direc

polonus

[a.vagamundos]

Thanks a lot for your help. I read the info you send me and for what I understand the only page that Sucuri can´t read in the sitecheck page is the .git/HEAD (it even shouldn´t try to read it in the first place). Like I mentioned I have Sucuri Pro monitoring my site and I have no errors scaning the site or warnings at all.

Anyway I´m going to follow your tip and try to prevent apache from serving the .git directory. Hopefully it works.
Once again thank you for your help.

[a.vagamundos]

Just to give some feedback: Avast team already confirmed that it was a false positive and cleared the reputation on their database and therefore the site is not blacklisted anymore. I really apreciate the efforts of the ones who tried to help. Thank you guys!