[clamav-users] Question regarding Metasploit signatures

[J.R.]

> Hence, my question or curiosity over how ClamAV determines
> the *true* threat level of a malicious file.

If the virus pattern is in one of the database files, then you are
alerted... If it's not, then no alert... That's how every antivirus
works...

You are more than welcome to report files for the clamav team to check
out and add to the db:

https://www.clamav.net/reports/malware