hidden/stealth malicious code cannot be detected in that way, it's almost impossible to detect them with antivirus of any kind

i'm running it in a secure machine where there is nothing to steal

That still makes it a tough call too, because of price per card vs. sol's, 1060's are really sweet though I have two but can't get them stable when I change the TDP so left them at stock and OC'ed a little to get them to 245 - 255 sol's, but power is worse than the 65w. they are the Zotec GTX 1060 3GB mini though so this might be the issue.  I would really like to just force them in to P0 but can't get it even with NVidia-smi utility.  they stay in P2 which underclocks the memory and hobbles the core as well.  OCing to just 1911 core and 8008 on memory at least gets me to where I want to be minus the power reduction.  Does go to P0 if I game with it though.  10 series is just strange with this

Heuristical virus detection is in pretty much every new good AVS. They name it different things, but you can find it in there. Thing is it doesn't know what to look for if there isn't a pattern, so someone can just change their code a bit so it operates in a different way and it wont find anything. Heuristical virus detection isn't the same thing as being able to find something that is a virus no matter what or functions like one.

But the antivirus software will not detect the buffer overflows. Compile nheqminer in visual studio and read the warnings, you will see that this new miner is using unsafe methods, ready for attack.

hehe :-) The point  is that you don't need to store the virus in the executable, you just add a backdoor(buffer overflow) that can be used to upload the virus. We have too many closed source miners right now.
Difficult to know if they contain backdoors or malware.

Heuristic virus detection is not looking for a pattern. That's classic virus detection.
Thunderbite antivirus did automatic unencryption and code analysis more than 20 years ago. I played with it (at machine code level) back then, and you had to try hard to avoid detection. Again that was 20 years ago, so if they did their job, it must be a lot better now.

EWBF, Nicehash released improved miner. It seems that they hacked your computer and steal your improved version miner . Publish now a new version until it's too late .