The company I work for maintains several programs that our clients retrieve via FTP update. (Programs are designed to run on a WinXP machine, FTP box is running SuSE Linux. I want to say it's V 9.3, but I'm not 100% certain of this.)

Recently, one (and only one) of our client's branches has been complaining that running a specific program from the downloaded list is triggering Sophos Checksum messages. Supposedly, this continues even after re-retrieving the updates list. Also, this supposedly happens on every machine the branch attempts to run this on. (I'm not sure they've tried to run it on more than a handful, though.) This program is used by multiple branches of this client, and no one else has had any complaints about it.

I've looked up what I can think of on Google, but I freely admit I'm no expert. I can't figure out what might be causing this to happen at one specific location, but not others using the same version of the code and presumably the same, client-defined, antivirus system. Does anyone here have any advice for where I can and should start looking for more information on this topic?