Thank you for your feedback. I can confirm that HelpNDoc's download page and setup EXE was cleared by Google yesterday, after our third review request and more than 48 hours blockage.
We didn't get any explanation as to what was problematic in the first place and Google's recommended Virus Total web-site didn't even report anything problematic with dozens of anti-viruses. As mentioned by spwolf, this Google decision blocks every users from Chrome AND Firefox (as they are using the same database) from downloading the software and accessing the download page, showing a scary red "malware detected" page instead. It doesn't help the software vendor understanding what is wrong in any ways.
Here is how Google (bots!) handled this issue:
On the 30th of November 10:09 GMT, we received multiple alerts from Google webmaster console that "Malicious or unwanted software were detected" on our company (ibe-software.com) and software (helpndoc.com) pages. It didn't include any explicit instructions or details about the problem and by browsing through the help pages, it was mentioned that VirusTotal.com was a trusted source for Google bots
We confirmed that everything was fine with the download (MD5 + VirusTotal check) and immediately requested for a review
3 hours later, the review failed for helpndoc.com only. This was the exact same message without any additional information. No news from ibe-software.com requests. We made some changes based on user supported Google webmaster forums such as removing redirects to CDN, creating a new release (re-build, re-package, re-sign...) and therefore changing the file name... and requested another review
6 hours later, the review finally came back and was successful for ibe-software.com, which linked to the exact same file.
24 hours later, the review failed again for helpndoc.com yet is was clear for ibe-software.com. Once again, there wasn't any explanation from Google's automated e-mail message
We had to wait another 24 hours for the third review on helpndoc.com to succeed and we do not even know why!
As we were clueless and it impacted multiple software vendors, we were able to make the following observations. Perhaps this could help other software vendors in case this happens again (fingers crossed):
The installer doesn't seem to be the problem: we are using Inno Setup but other reports suggest that other installers were impacted as well (Wise, nullsoft)
The code signing certificate doesn't seem to be the problem: we are using a recently renewed Comodo code signing certificate and have came across other applications using Comodo without this problem, and other applications using other certificate issuers with the same problem
The programming language COULD be the problem: we are using Delphi 10.1 Berlin and it looks like most applications are written using Delphi. Another impacted software vendor is using C++ Builder
Web-site technology such as SSL, redirections... doesn't seem to be the problem: only the download file is marked as malware (and therefore the pages linking to it) while Virus Total confirms that the download is fine
Here is the "most official" thread for this problem. Other software vendors are still waiting to get cleared: https://productforums.google.com/forum/#!topic/webmasters/CThwZ6Oq9Ck;context-place=starred
I fully understand that false positive happens from time to time and this wouldn't be such as problem if it only impacted some anti-virus software. But it is important to keep in mind that this decision from Google was blocking all users from Chrome and Firefox, which currently represents more than 71% of our trafic! I believe that software vendors should be concerned about this hegemonic Google situation. If you have any contact at Google, it might be worth raising this issue or talk about it to other software vendors to be able to better fight Google bots decisions in the future.
Thanks to anyone who tried to help here, on Facebook or the Google thread.