Hi CoJo,
I'm sure the experts will correct me if I'm wrong, but I'm gussing this is similar to what I'll sometimes get from the email provider. Any executable attachment (such as an Exe) trips a "May be dangerous" warning from avast even though the file itself doesn't get scanned at that point.
I have HTML-content enabled in my Eudora, and once got a similar iframe-tag warning. Turned out it was nothing more than Yahoo's own advertising, which we're stuck with in Yahoo Groups.
So a reasonable guess is that the warning is triggered by the file-type (or the existence of the iframe tag) as a general class, rather than anything specifically in it. And that's why the "may be ..." wording of the warning.
Best,
Mike