Anti Virus False Positive?

Recently, ESET, NOD32 is telling me, when I open my blog, that I have a possible download Trojan Agent as part of the wp-stats.php file. Is this possible? If so, what do I do to fix it? I asked my web host if they run an anti virus and they said they do, would this slip past? The web host claims that ESET is giving a false positive. Any input would be helpful. I hope this is the correct forum for this question.

Thanks.