I use the https://myjoomla.com/ site management system.
It's very slick, and they constantly update their database with issues.
They have been flagging some F2C files as potentially malicious for a long time, but I've ignored it.
I'm submitting the info here for your consideration.
My hope is that you might be willing to communicate with them and resolve this false positive.
They work with a lot of Joomla sites, so it may be worthwhile for you to resolve this issue.
This is a list of files flagged by their system.
I realize this is in the smarty plugin, so all it may require is getting MyJoomla to whitelist the files.
Questions and answers for Form2Content, a Joomla CCK.