antivirus testing or suites should be done in each separate protection module (there is always the possibility that one or more modules may fail). That's why I've always used products comodo. For example: when I go to do some testing, disable firewall, hips, self-contention and keep the antivirus activated ...
In short:
Only active antivirus, detection test;
Only active firewall, data leak test;
Only active HIPS, protection test;
Only Auto containment active, test protection system;
Only active viruscope, test protection against malware such as ransomwares.
This is how I do my tests