Shipping exe detected as malware by Avira and others

The shipping exe of our game is detected as malware by some antivirus software, the most reported by users is Avira. Here is Virustotal scan:

It is the small exe in the root of the game folder, that I guess acts merely as a launcher of the bigger exe in Binaries, please correct me if I am wrong.

The engine is 4.15, built from source, updated to february 17 (commit 0d9abbeaeeae10bb91854d7fb8e1df568cc391f2).
Oddly the previous shipping release that I made about a week ago (with the same engine source) is detected on Virustotal only by one antivirus (Rising), but I cannot think of any change I made that could affect this:

I reported the false positives of the 5 antivirus softwares to the respective companies and I hope they solve the issue. However a worrying thought is that they solve just for this particular case and in a future build the exe is detected again.
Maybe also Epic can do something about this?

Not really a solution, but a workaround that is fine for my case.

I looked at the source of the “small exe” (bootstrap exe) and it seems just to check if prerequisites are installed, and installs them if needed. I don’t need this check since I already launch prerequisites installer in Steam install script.

I added NoBootstrapExe to my package command line to avoid creation of the bootstrap exe, and in Steam I launch directly the “big” exe in Binaries.