We received the same alert for "Windows10.0-KB4528760-x64.cab" with SHA256:
DF04023D99202BAAAC3B3464FFCFBA674B6A31F1D94E9CFABB55FEBBA39F8438
Along with one other Windows updated file that I don't currently have a filename or hash. Same false positive issue?