After some consideration and the feedback here https://news.ycombinator.com/item?id=7543196
I decided to inform one major antivirus vendor about it.
They offered their thanks for the warning, but also the opinion that false alerts would be strongly limited since the virus signatures are in files that would generally not be scanned.
The scope of this remains to be seen, but apparently at least Microsoft Security Essentials doesn't handle this entirely without problems.
After some consideration and the feedback here https://news.ycombinator.com/item?id=7543196 I decided to inform one major antivirus vendor about it. They offered their thanks for the warning, but also the opinion that false alerts would be strongly limited since the virus signatures are in files that would generally not be scanned. The scope of this remains to be seen, but apparently at least Microsoft Security Essentials doesn't handle this entirely without problems.