My server's virus protector just recently sent me a notification of malicious files on my server - they were specifically listed as a file in my exported form builder folder ... cartapp_v1/phphosted/checkoutdirect.cls/php

The file does not appear to have been tampered with or altered since I uploaded it because the date is still the same as the date I uploaded the file. Anyone else ever have this happen?

First you should check with your hosting service technical support and get them to check out the files.

You probably should delete the WFB and all assoviated files (depending on what technical support say/do)
You should then be able to reload the clean files from your PC.

You need to address this A.S.A.P something similar happened to a client (not WFB) Google took the website down completely and even after a new one was uploaded, it took a long time for Google to start crawling and indexing the site again.

Well I deleted the file from the car app folder and re initiated the san and no threats were found. Then I went into form builder redid the form entered in my paypal identity token uploaded all the new files, did a scan again and it shows the file as being infected again. Thinking this is a false positive as it it happeneing with every website on my VPS that is using the WFB to accept payments (same file on all of them)