To my understanding there are few applications that are potentially unsafe(Applicationunsafe, Riskware) and thus are added to CAVS signature DB but they could be nevertheless needed by users.
Understanding CAVS taxonomy (detected families and sub families) and the nature of detected codes (malware, unsafe, riskware) would likely improve the overall end-user compliace.
Some AV classes pertains potential unwanted apps or exploitable components (Riskware, Appunsafe, etc.) and it is not uncommon some users report these detections as False Positive even if CAVS correctly detected the samples.
A small description (eg linking a description of the help file) could provide enough info to have the user acknowledge the nature of detected code and possibly provide enough infos for an educated guess.
On a related account a possible way to modify CAVS default behavior on a per family/subfamily basis (eg only log Riskware, jokeware or appunsafe but provide alerts for more blatant threats) will likely increase CAVS enduser friendliness.
With those info it could be also possible to modify default behaviour(providing additional options) when a particular category is found.
eg: Only log Joke apps but quarantine Trojan apps.