Dongkwan
Staff
Article Id 246883
Description

This article describes how to exclude legitimate files that are falsely detected by AV signatures from Antivirus scans.

Scope

FortiGate v7.2.4+ GA releases.

Solution

This feature was introduced in v7.2.4 and is configured through the 'antivirus exempt-list' command in the CLI.

The antivirus exempt list matches files by their individual hash.

 

CLI Setting:

 

config antivirus exempt-list
    edit <name>
        set hash-type {md5 | sha1 | sha256}
        set hash <string>
        set status {enable | disable}
    next
end

 

Use PowerShell or CMD to get the file hash. For example:

  1. PowerShell -> Get-FileHash '[File Directory]'

  2. CMD -> certutil -hashfile [File Directory] [MD5/SHA1/SHA256]
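The two steps above can be combined so the hash is never copied by hand. The following PowerShell is an added example, not part of the original article or Fortinet tooling: it hashes a file and prints a ready-to-paste 'antivirus exempt-list' entry. The function name New-AvExemptEntry, the entry name, the name-character restriction and the sample file are assumptions; it defaults to SHA256 because MD5 and SHA1 are no longer collision-resistant.

```powershell
# Added example: build a FortiGate 'antivirus exempt-list' entry from a local file.
# New-AvExemptEntry is a hypothetical helper name, not a Fortinet or Microsoft cmdlet.
function New-AvExemptEntry {
    param(
        [Parameter(Mandatory)] [string] $Path,
        [Parameter(Mandatory)] [string] $Name,
        [ValidateSet('MD5', 'SHA1', 'SHA256')] [string] $Algorithm = 'SHA256'
    )

    # Expected number of hex characters for each supported hash type.
    $hexLength = @{ MD5 = 32; SHA1 = 40; SHA256 = 64 }

    # Conservative restriction chosen for this example so the name is safe to paste into the CLI.
    if ($Name -notmatch '^[A-Za-z0-9_.-]+$') {
        throw "Entry name '$Name' contains characters this example does not allow."
    }

    # Hash the file; -ErrorAction Stop turns a missing or unreadable file into a terminating error.
    $hash = (Get-FileHash -LiteralPath $Path -Algorithm $Algorithm -ErrorAction Stop).Hash.ToLower()

    # Refuse to emit a truncated or malformed digest.
    $pattern = '^[0-9a-f]{' + $hexLength[$Algorithm] + '}$'
    if ($hash -notmatch $pattern) {
        throw "Unexpected $Algorithm digest for '$Path': $hash"
    }

    # Emit the CLI block in the same layout as the article's 'CLI Setting' section.
    @(
        'config antivirus exempt-list'
        "    edit `"$Name`""
        "        set hash-type $($Algorithm.ToLower())"
        "        set hash $hash"
        '        set status enable'
        '    next'
        'end'
    ) -join "`n"
}

# Constructed sample input: a temporary file standing in for the falsely detected file.
$sample = Join-Path ([IO.Path]::GetTempPath()) 'exempt-sample.bin'
[IO.File]::WriteAllBytes($sample, [Text.Encoding]::ASCII.GetBytes('constructed sample content'))

New-AvExemptEntry -Path $sample -Name 'sample-false-positive'

Remove-Item -LiteralPath $sample
```

Because the exemption matches one exact hash, a new version of the same file needs a new entry.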

 

If the FortiGate cannot be updated to a version above v7.2.4, it is instead possible to exempt the domain that supplies the file from inspection entirely.

 

Configure a Web Filter with a Static URL Filter including that domain, and set the action to 'exempt'. See this KB article for more details: Technical Tip: Explanation of the Allow, Block, Exempt, and Monitor static URL filter actions