eicar has two sides to its testing, one that uses standard HTTP connections which the web shield monitors and HTTP, secure encrypted connections which the web shield can't scan so it doesn't monitor HTTPS connections.
The File System Shield scans newly created files (which would normally cover saved downloaded files), depending on your file system shield settings and the file type that is downloaded, zip files don't present an immediate risk (as they are inert) so aren't scanned.
So as you can see from the above there is no way we can say one way or another as we don't know anything about your settings, connection http/https or the file type concerned ?