How to prevent false positive virus alarm on my software?

First, make sure that you do not have the Win32.Induc delphi virus, which changes SysConst.dcu so that applications you compile will be infected.

1. Use #3 to narrow down what in your code is causing the false positive. API calls which change process memory will trigger heuristic scanners. Even including the names of some of the API functions (such as WriteProcessMemory) will trigger a scanner. Make changes to a test application and submit to #3 until you narrow the problem down. If you use a packer, then the AV software will probably unpack it anyway, but test with and without packing.

2. Will depend on #1.

3. Virustotal is used by virus developers to check their virus is not detected, so Virustotal will send any test file to the anti-virus people for analysis. There used to be an option to switch this off, but it was removed several years ago. This can make the problem worse for you if you submit an application multiple times, so I would recommend using http://virusscan.jotti.org/ for your initial testing.

3rd question: There is a website called virus total which scans files with lots of antivirus engines. They have an api, so you can make this part of your build process.

also, some similar questions might help:

Antivirus False positive in my executable

Virus in Delphi 7

https://stackoverflow.com/questions/3534050/my-software-is-not-a-virus-what-should-i-do (Snapshot of deleted question)

Accidentally created a virus?