[DiapDealer]

In my opinion, it's all down to the heuristics used. When a virus program changes its heuristics, suddenly a file (the exact same file) that has been clean for years is a "problem." What's easier to believe: that an exe that has been perfectly well-behaved for four years has suddenly gone rogue? Or that the heuristic tweak on the part of said antivirus program wasn't all that well thought out?

Has the exe been dangerous all this time (without actually infecting anything), or has it magically become dangerous (without actually infecting anything)?

Open-source software is about trust in this day and age (actually it always has been). Especially on Windows and Macs. Because when all is said and done both of those platforms are doing everything in their power to scare the average user away from installing anything that didn't come their own software stores (or from those companies who have paid enough money to be added to a "trusted' publisher list).

Use your head. "Suspicious behavior" isn't something that's black/white, good/bad. It's not even something that's objectively definitive when it comes to software. "Suspicious behavior" can still perform perfectly benign tasks. Trust the people/places you've been getting your open-source software from for years, or don't. And if you trust them, use the signatures and checksums provided to make sure you're downloading the exact same thing they uploaded and move on. Exempt them from the overly-aggressive, heuristic scare-mongering programs and move on.