If it were just the file not being clean on VirusTotal, I would fully agree. Heuristic detection will result in false positives. However, if they had an actual example of malware signed by that key that would indicate a compromise and that would justify pulling it. The absence of the offending file is suspicious, though.
If they had an example, they would've never deleted it though. I mean, that part is so unprofessional, it's rude to believe they are that incompetent, the polite explanation is that they lied about it.
Yep, it would certainly justify pulling it, but quite bizarre that they're then refusing to issue another certification - I'm sure the WinRAR team would be able to prove they're the genuine developers.