i guess you're right... however avira did analyze it and afterward detected the file, the report being that it was indeed malware, previously it was being missed by their engine (like in the virustotal report now).
This was the report they sent after about a day (for the other file it was in some hours):
Thank you for your email to Avira's virus lab.
Tracking number: INC00772157.
A listing of files alongside their results can be found below:
Please find a detailed report concerning each individual sample below:
The file 'WBB.exe' has been determined to be 'MALWARE'.Our analysts named the threat TR/Drop.Startpage.N.The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system.Detection will be added to our virus definition file (VDF) with one of the next updates.
Alternatively you can see the analysis result here:
An overview of all your submissions can be found here:
Please note: If you have specific questions please address them to email@example.com
Avira Virus Lab