KB89706 will be published today discussing the false positive. Both 8624 for VSE and 3075 for ENS has this issue. Workarounds will be in the KB as well as how DAT reputation can help prevent this from being applied to systems. Seems to only occur when the email scanning component is enabled so you can disable that feature until an emergency DAT is released today fixing the issue.
AM Core Content Version 3077 was released and has fixed the issue. So upgrade to 3077 and everyone should be good to go. I have confirmed within our environment that it is fixed and no longer reports any Suspicious Attachment!lnk instance.
Thank you all for your help.