What is the logic used behind SONAR?

Hi,

 

I've just downloaded the netbeans-6.8-ml-javase-windows.exe and tried to install it.

 

On the first PC, everything is fine. But on the second PC, when the installation ran to 13%, SONAR said it detected this as suspicious and deleted the file. Now, I'm left with the NetBeans IDE Installer hanging there and cannot be closed.

 

I don’t think SONAR is consistent at all in its logic to determine suspicious programs. How can we put our trust to this inconsistent for other real malwares?

 

Also, the message - "You chose to block and remove it." - didn't seem right. I haven't had a chance to make that choice.

 

Regards