sorry, my wording was obviously misleading. it was not my intent to say that i got false positives. i meant to say that BOs have been reported online for programs that are not natively malicious. i've not had a BO yet on my system.
Once again, the purpose of CMF is NOT
to detect malicious applications but to stop
buffer overflows and similar attacks which attempt to exploit vulnerabilities in real time (similar to DEP).