Not the real reason in some cases. Some malware actually uses NirSoft tools (and even SysInternal tools) for, uhm, malware stuff :(
I mean, I can't fault some of the antivirus for these, especially since "regular"* users they don't really know about these powerful tools, but I agree that clicking a standalone executable that is otherwise safe shouldn't automatically trigger an antivirus.
* "Regular" at least as viewed by antivirus companies, like picture a grandma, but I think that's not representative of the real world today.
I mean, I can't fault some of the antivirus for these, especially since "regular"* users they don't really know about these powerful tools, but I agree that clicking a standalone executable that is otherwise safe shouldn't automatically trigger an antivirus.
* "Regular" at least as viewed by antivirus companies, like picture a grandma, but I think that's not representative of the real world today.