When the OK button of the Virus dialog is pressed, the API call (to open or execute the file) will fail with ERROR_ACCESS_DENIED. Exactly the same happens e.g. on NT platform, when you try to access a file you don't have rights for. It's up to the application (the one that did the API call) to handle the failure and react somehow.
As for the other question... theoretically, it is possible that an application opens a (clean) file and keeps it open for a while. In the meantime, the file gets infected. Then, the application is still able to read the file, because it has the handle for the file still opened.
However, it's not so simple as it may seem. The application must have had opened the file with "write sharing" - otherwise, the virus would not be able to infect the file subsequently, no matter if an antivirus is running or not. For example, you don't have to worry about infection of a running application - its file is locked by the system. (A running application can be infected in memory, but it has nothing to do with files).