Hi DavidR,
I have run the executable in question through Anubis. Here are the results of the Analysis Report:
http://anubis.iseclab.org/?action=result&task_id=180a4941b8eae2d441d260896425ad586&format=htmlThere it is being classified as a (medium risk) download and low risk risktool, so could be classified as a PUP, but as users know what it is meant to do and have installed it themselves intentionally, then it should be OK.
The generic flag could be because of the \NameSpace_Catalog5 Winsock2 monitoring key settings and or similar key settings for \Protocol_Catalog9 but these have to do with the network settings by the program.
Device Control Communications Control Code is also found in certain Trojan-Spy variants.
The mutex, _SHuassist.mtx, is also found with certain risktools.
I.M.O. more than likely a False Positive,
polonus