After downloading a fresh download/install and having them re- analyse the program again, i can confirm your results a 20/60 AV detection...
BUT! ... there is still no issues, nor anythign wrong with this program. these are False postive detections from the antivirus programs ... As the "AV" also looks at outgoing traffic.
most Popoular AV either detect them and report them as "pups" potenail unwanted programs
or as what it is
a http web server.
----------------------
the only thing i can do is re file reports like when i did for windows defender to stop some deletion and other, as this is a open source program and it code is public...
there are also some newer "AV" about of there test that are for android phone most of them are what caused it to drop in score and don't have a very good rep(from what i can tell) on there definition yet.
there was a jump between the ajax and jqurey security update and code changeover that started detection due to a self zip/executable(where hfs holds the offline version for lan use of jqurey) with in the program (something got bigger and alot of "AV" started to flag it due to a size in file change...
------------------
*IF you want them to go down them file reports linking to the source code, this forum and the download link.
Macfee changed there report stuff, i've filed reports with success at "lowering the threat level" (detected as pups or the win32 - http web services)
theirs nothing more i can do to "lower a 3rd party site annalists of the program. that up to the people who use them and to what extent they are being used.
NOW then onto Https -- hfs is using http protcal to do ftp transaction (alot more going on but that is the short term) if you want https you wil have to use another program.
*search the forum.. look into stunnel.