I don’t suppose the machine in question is joined to a corporate network?
Occationally I.T depts will use domain credentials to put EICAR on all domain connected machine to test the A/V.
So for example – group policy pushes out the EICAR – A/V detects it, and the I.T dept corrolate the A/V results against the Domain Computers list to determine which machines either don’t have A/V on them, or it isn’t working well enough.