AV doubt

Hello comunnity
its my first post
I come to ask for few doubts help, Please be patiente, I tryed search and FAG

Is the number on UnclassifiedMalware@xxxxxxxxx determined by labeling, like date and first time seen on my computer, or it’s determined by how the malware works?
If its determined by how the malware works, where can I find a explanation or details for each number?

I have detected a program as “UnclassifiedMalware@94890986” but I am not sure if its really a virus, I dont want to waste your false positive testings on a uninportant file, so I’d like to know if it’s certainly a malware by the classification, or its possible to be a FP. Ill put some informations about it below.

I am a game player, and as many others of the game I play, find some FP or Virus problems realted with it, and If I find help on mines and common problems, I hope I can develop Comodo among other players.

The game is Tibia (www.tibia.com)
These 2 days I downloaded 2 programs, Its a ■■■■■ to a cheat of tibia, detected with defense+ “trying to acess disk directly, not common activity but used by some desfragmentation programs”(my translation), that scared me, but after opening the file with an hex editor I found the editor email, with google I found his website, and the program there code was too simple to be dangerous. The program was said to just change the C:/ serial number.

Today I downloaded the second, the “UnclassifiedMalware@94890986” It is a cheat for the game I play I wanted to check if there is a virus on it for my friend, here are virustotal.com results:

Here are some not expert informations I guess can help :x
The objective of the cheat program is to connect and communicate with the server without running the original program of the game, that cant be oppened twice at same time.
The original program of the game connects always to the same server with same port.
If there is a malware on the cheat for the game, It will surely only send your password to some different computer than the server.
It might need to run or use the original program to make the connection to the server possible.
The original game never gave me any danger or suspicious FP messages with Comodo(like change or run processes, registry acess/modify) except a keyboard/mouse apprimoration, that are still able to run when its denied, and the TCP connection to the server.

Sorry if I bother, thanks in advance.

If you want a more in depth explanation you can submit to Anubis for a more detailed report on what it does. Still that may be too technical.