Virustotal being an on-demand scan is highly unlikely to detect it as a rootkit (these detections appear to be generic/suspect/heuristic) as that requires special anti-rootkit scanning to compare what is shown as running in the windows api and what is actually running.