STOPzilla, an antispyware is catching the most current WDS installation package as Zlob.YU. While one should never take this too light-hearted, the first reaction of the user who contacted me was of course rather in the direction of an accusation. Nothing wrong with that, if it would have turned out to be true. Not at last I am an AV researcher and developer. Although probably SF.net would be to blame if something like this happened, because all downloads run via them, this would be horrible for my reputation as well.
So, what now? First of all I want to reassure everyone, that the two download samples from different SF.net mirrors that I have taken are not infected, but still reported as Zlob.YU by STOPzilla. Since all mirrors are supposed to be in sync and I got the first report two days back, all mirrors should have the infected file version by now – if there ever was any threat. Instead the fact that only STOPzilla finds it, points to a false positive and I am going to contact the vendor about it.
Second, you need not trust me on that, instead I suggest to visit Jotti and VirusTotal, although these are also not 100% reliable in the end, the heuristics and signatures of different AV scanners are used to examine your file, which gives you a fairly good hint as to whether the file is infected or not.