The current detection (not-a-virus:HEUR:RiskTool.MSIL.Miner.gen) is probably optimal. In such cases, the detection is not related to the file content but depends on the context. The file itself is benign but it was recently abused by the attackers. The context here is the prevalence of attacks and how popular and necessary is the file.
There are well-known and much more dangerous files that are classified as safe by all AVs (Windows LOLBins are good examples).
On the contrary, when the file is used only for malicious purposes, most AVs will classify it as malicious.
In other cases (like with the file from the OP) we can see any kind of detection.