I just did one of my occasional virus scans on ClamXAV, and it found a file infected with a certain CVE_2012_0754-5. However, the file in question wasn't in some odd place; it was an .m4a in my iTunes Music folder. Considering I've had this file for months and done scans since without anything picked up, and the fact that this is an iTunes-purchased song, I can't help but think that there's nothing wrong with the file and that this is a false positive. But, there's the chance it isn't, too. So, I ask you, what's the best course of action in this situation?