All calibre isntaller files are signed, for windwos and os x the signatures are in the installer and verified by the OS when installed, for linux you need to verify them manually and there is a link to them on the main download page.
And yes, this is a false positive:
https://manual.calibre-ebook.com/faq...a-virus-trojan