For Corporate/Enterprise: Submit a Virus or Malware Sample | McAfee Labs
All the Best,
McAfee Volunteer Moderator
I'm currently sorting through the details.
The file detection you mention points to MD5 hash bcee2dd4128a67f6039162fef34d5c72, which is reported to have the file name sbwcrv.exe. When extracted, the file simply contains .txt files full of numerical values.
This is also associated with two download locations having to do with savings bonds, which also have the file name sbwcrv.exe.
However, the files, when downloaded from those links, have the MD5 hash of b35d8a1453a51a82ff7ab188251060eb.
Their contents appear to be the same as above, leaving me with the question: what does this file do? Is it expected to simply drop .txt files?
I'll recommend that you download the file from the source again, and confirm it's not detected.
I'm not sure why, but the file you first mentioned seems to be a re-wrapped version using 7-Zip, rather than the original that used WinRAR. I just can't tell for what purpose.
I'll likely whitelist the original file, but would feel better if you could re-download the package, and you should get the one with MD5 b35d8a1453a51a82ff7ab188251060eb, as I did.
I understand now that the .txt files are a "database update" to the original program "swbsetup.exe". I still cannot figure out where you got the 7-Zip version, and would prefer not to whitelist it, on the basis that the legit site points to the WinRAR version.
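Added example, not part of the original posts: a Python sketch of the check described above, hashing a downloaded copy against the MD5 quoted for the vendor-hosted file and reporting which archive format is embedded after the executable stub. The function names and the two sample byte strings are constructed for illustration, and the signature scan is a heuristic rather than a full parser.

```python
import hashlib
import sys

# MD5 quoted in the thread for the copy served by the vendor's download links.
EXPECTED_MD5 = "b35d8a1453a51a82ff7ab188251060eb"

# Archive magic bytes. A self-extracting .exe is a PE stub ("MZ")
# followed by the archive, so the signature appears at a non-zero offset.
SIGNATURES = {
    "7-Zip": b"7z\xbc\xaf\x27\x1c",
    "RAR": b"Rar!\x1a\x07",
}

# Constructed samples (not real installers): fake PE stub + archive magic.
CONSTRUCTED_RAR_SFX = b"MZ" + b"\x00" * 64 + SIGNATURES["RAR"] + b"\x00payload"
CONSTRUCTED_7Z_SFX = b"MZ" + b"\x00" * 64 + SIGNATURES["7-Zip"] + b"\x00payload"


def md5_hex(data: bytes) -> str:
    """MD5 is used only because it is the identifier quoted in the thread."""
    return hashlib.md5(data).hexdigest()


def embedded_archives(data: bytes) -> dict:
    """Return {format: first offset} for each archive signature found."""
    found = {}
    for name, magic in SIGNATURES.items():
        offset = data.find(magic)
        if offset != -1:
            found[name] = offset
    return found


def triage(data: bytes, expected_md5: str = EXPECTED_MD5) -> dict:
    """Summarise whether a download is the expected file and how it is wrapped."""
    digest = md5_hex(data)
    return {
        "md5": digest,
        "sha256": hashlib.sha256(data).hexdigest(),  # stronger hash for reports
        "matches_expected": digest == expected_md5.lower(),
        "is_pe": data[:2] == b"MZ",
        "wrappers": embedded_archives(data),
    }


if __name__ == "__main__":
    # Usage: python triage.py <downloaded-file>
    with open(sys.argv[1], "rb") as fh:
        for key, value in triage(fh.read()).items():
            print(f"{key}: {value}")
```

A copy whose MD5 differs from the expected value and whose wrapper is 7-Zip rather than RAR is the mismatch discussed in this thread.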