Not that I'm familiar with how a virus scanner does it's decisions but why would the bitmap be considered malicious when stored as a resource in the exe but not as a file? I would try copying that bitmap to a file that ends with exe to check if its really the bitmap that cause the false positive. Just in case the virus scanner needs a proper exe header you might also try attaching it to another exe by doing a copy /B file.exe + /B file.bmp test.exe
Debugging is twice as hard as writing the code in the first place.
Therefore, if you write the code as cleverly as possible, you are, by
definition, not smart enough to debug it.
- Brian W. Kernighan
Just test it yourself if you do not believe it. I added the embedded resource under RT_STRING or RT_RCDATA. Not a single combination works.
Avira detects resources as a virus if they are bigger than 20kb.
What if I wrote a program that detected that all your EXE's had viruses? Are you going to pull your hair out looking for a "workaround", or are you going to contact my company and ask me what the heck is going on?
So contact the company and state very simply that their program is detecting your legitimate file has a virus. Let them resolve the issue.