I'm trying to debug a web application that I inherited. The site has a login-as feature to allow admins to impersonate users. When I try to exercise the functionality locally to debug an issue, the redirect is blocked with ESET indicating an "HTML/Refresh.BC trojan" threat. How do I work around this? The functionality is not flagged as a threat on the published server instances.