Please let us know the outcome of the ticket.
Our premium API file uses function “eval”. It does it for totally legitimate reasons, but some overprotective security checkers mark any kind of “eval” usage as malware. But again, its premium API file. nxs-functions.php is just a file from free plugin with some regular functions in it. It’s open source and available on wordpress.org. It was checked million times by thousands of different users including some serious security companies.
Are you sure that files on your site are original plugin files and they were not modified by some actual malware?
