spazumnator
Joined: 17 Jun 2017
Posts: 0
Posted: Sat Jun 17, 2017 1:16 am
I'm using a dual-bootable machine with WinXP 32-bit on one partition and 64-bit Ubuntu 16.04 LTS on the other. After scanning Windows with ClamWin, I got this result, copied from its log file, showing 2 files infected. This is a copy/paste of that log file:
Scan Started Fri Jun 16 18:14:20 2017
-------------------------------------------------------------------------------
H:\Documents and Settings\~\My Documents\Downloads\14-4-xp32-64-dd-ccc-pack2.exe: Win.Trojan.Parite-1025 FOUND
H:\Documents and Settings\~\My Documents\HDDSCSI3.iso: Win.Trojan.ComInfector-2 FOUND
----------- SCAN SUMMARY -----------
Known viruses: 6297601
Engine version: 0.99.1
Scanned directories: 3285
Scanned files: 25521
Infected files: 2
Total errors: 3
Data scanned: 33122.06 MB
Data read: 21492.33 MB (ratio 1.54:1)
Time: 4220.453 sec (70 m 20 s)
I then rebooted to Linux Ubuntu and rescanned the same two files with ClamTK ... ClamTK didn't report ANY infections on those same two files.
I know that ClamWin and ClamTK are apples and oranges, comparing their respective databases, and the file handling characteristics of the two operating systems are also quite different ....
So, I'm like a patient asking a Doctor, "Where should I get a second opinion ?"
BUT .... I'm also stuck not being able to use VirusTotal's false positive analysis page because BOTH files are larger than their 128MB file size upload limit.
I'm hoping that you could direct me to a possible conclusion to this dilemma.
GuitarBob
Joined: 09 Jul 2006
Posts: 9
Location: USA
Posted: Sat Jun 17, 2017 3:07 pm
I have a similar problem once in a while--the file is too large. Here's what I do:
Where did you get the file? Did you get it from a reliable source? Look out for free stuff, stuff from email, and stuff downloaded from questionable web sites.
Scan the file with another local AV. You can use Malwarebytes free version. It can be installed with the Windows Explorer context menu.
Look at the date of the file. If it is old--say older than 6 months, that could be a sign the file is okay.
Look at the Windows properties detail (right click, properties, detail). A "good" large file should have good detail--description, version, filename, etc., and it should make sense. It should look like the developers are proud of it.
Get a file hash, and do a search for it (Google is your friend--unless they are tracking you). Also do a search on the filename. Then do a search on the developer. Don't rely upon opinions of web services that are selling something.
Look at the entropy of the file (there are some entropy tools). Max entropy is 8.0. I get concerned when it is 7.6 (95% of max)--in fact we used that as a heuristic in Clam Sentinel.
Run the file in a VM or sandbox, but some malware is now aware and will not execute in a VM/sandbox.
I hope this helps. They are some of what I used while sigmaking at Clam AV for 5 years on behalf of the open source community.
Regards,
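As an added example (not code posted in this thread and not part of ClamWin or Clam Sentinel), the following Python script carries out two of the local checks in GuitarBob's list for a file that is too big to upload: it produces the SHA-256 and MD5 hashes to search for, and it computes the Shannon entropy against the 7.6-of-8.0 heuristic he mentions. The file is streamed in 1 MiB chunks, so a multi-GB ISO never has to fit in memory, and the per-chunk verdict shows whether the high entropy covers the whole file (as it would for a compressed archive or an ISO of compressed data) or only a region. The sample file written in the demo is constructed for illustration; the 7.6 threshold and the chunk size are the script's own assumptions.

```python
"""Local checks for a file that is too large to upload: hashes to search for
plus Shannon entropy with the 7.6-of-8.0 heuristic, streamed so multi-GB files
never have to fit in memory."""
import hashlib
import io
import math
import os
import tempfile
from collections import Counter

MAX_ENTROPY = 8.0       # ceiling for byte data: 8 bits per byte
ENTROPY_CONCERN = 7.6   # 95% of the maximum, the level the post flags as worrying (assumption)
CHUNK = 1 << 20         # 1 MiB per read (assumption)


def entropy_from_counts(counts, total):
    """Shannon entropy in bits per byte from a byte histogram; 0.0 for empty input."""
    if total == 0:
        return 0.0
    return -sum((c / total) * math.log2(c / total) for c in counts.values())


def shannon_entropy(data):
    """Entropy of an in-memory buffer."""
    return entropy_from_counts(Counter(data), len(data))


def entropy_verdict(entropy):
    """Apply the heuristic: >= 7.6 is 'high', typical of packed, compressed or encrypted data."""
    return "high" if entropy >= ENTROPY_CONCERN else "normal"


def profile_stream(f):
    """Single pass over a binary stream: digests, size, whole-file and per-chunk entropy."""
    sha256, md5 = hashlib.sha256(), hashlib.md5()
    totals = Counter()
    size = chunks = high_chunks = 0
    for chunk in iter(lambda: f.read(CHUNK), b""):
        sha256.update(chunk)
        md5.update(chunk)
        chunk_counts = Counter(chunk)
        totals.update(chunk_counts)  # Counter.update with a Counter adds the histograms
        size += len(chunk)
        chunks += 1
        # Per-chunk entropy distinguishes uniformly high entropy (whole archive/ISO)
        # from high entropy confined to a region (for example a packed section).
        if entropy_verdict(entropy_from_counts(chunk_counts, len(chunk))) == "high":
            high_chunks += 1
    entropy = entropy_from_counts(totals, size)
    return {
        "size": size,
        "sha256": sha256.hexdigest(),
        "md5": md5.hexdigest(),
        "entropy": round(entropy, 3),
        "verdict": entropy_verdict(entropy),
        "chunks": chunks,
        "high_entropy_chunks": high_chunks,
    }


def profile_bytes(data):
    """Convenience wrapper for in-memory data."""
    return profile_stream(io.BytesIO(data))


def profile_file(path):
    """Profile a file on disk without loading it whole."""
    with open(path, "rb") as f:
        result = profile_stream(f)
    result["path"] = path
    return result


if __name__ == "__main__":
    # Constructed sample: a low-entropy header followed by random (incompressible) bytes,
    # standing in for a packed executable. Not a real file from the thread.
    sample = b"MZ" + bytes(4094) + os.urandom(2 * CHUNK)
    with tempfile.NamedTemporaryFile(delete=False, suffix=".bin") as tmp:
        tmp.write(sample)
        path = tmp.name
    try:
        for key, value in profile_file(path).items():
            print(f"{key:>20}: {value}")
    finally:
        os.unlink(path)
```

Run it as `python profile.py` for the constructed demo, or call `profile_file("path/to/large.iso")` from a shell; the printed hashes are the values to search for and to compare against the vendor's published checksums. A high whole-file verdict on an ISO or a driver pack is expected when its payload is compressed, so the result is a prompt to check provenance, not a detection by itself.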
Lipper
Joined: 31 Oct 2010
Posts: 0
Location: USA
Posted: Sat Jun 17, 2017 3:41 pm
Another option is to use a zipper program like 7-Zip to extract the exe and iso files to manageable sized components. Then rescan the folder(s) to find out which part of the file ClamWin doesn't like. These files should be small enough to upload to VirusTotal.
ClamWin and Clamtk use the same virus database and very similar scan engines (.99.1 and .99.2 respectively). The only default difference I can think of is the file size limit, which is ClamWin at 100 MB, and Clamtk at 20 MB.