An interesting article discussing the attrition war of authors vs reverse engineers and Anti-Virus/Anti-Malware.

Sun Tzu counseled a strategy of maneuver warfare, and that is the doctrine followed by modern militaries. We need to find something different than the attrition warfare that sustains the malware ecosystem in the state it is in today.

Obfuscation, the deliberate hiding of the software's behavior, is used by malware authors as well as legitimate software developers. They both use code obfuscation techniques to keep curious souls from understanding how their software works and what it is doing to the computer on which it runs.

Good Obfuscation, Bad Code
http://www.securityfocus.com/columnists/498/1

This is only my opinion, but I believe that AntiVirus makers are so far behind the curve, they are just grasping at straws.  They are not capable of catching anything remotely unfamiliar with signatures, so they are expanding "detection" to include legitimate software to "be on the safe side."

I know nothing of these "keygens" you speak of 

I don't understand why they would do this - a keygen is just a reproduction of the algorithm used to produce a registration key.

unless they used the program itself to self-keygen and that somehow flagged it....

Indeed, they usually are. I saw this youtube video one of a researcher downloading keygens and monitoring them with wireshark, PortMon, ProcessExplorer, and Process Monitor.

It dropped some stealthy and blatantly malicious stuff of its own. wish i had bookmarked it.

His solution? (assuming these keygens were legal pices of code) Use a VM machine to run them.

If they use patch-like function to insert a key (a la registry injection), stay away.

If you have to replace files manually (aka an .exe), run for the hills.