Based on very initial testing the command line seems to work.
It passed all virus detection engines, but I don’t know what
OS X Sandbox: TROJAN means.
All those detection services and signatures generate a sea of false positives and require constant babysitting to maintain them and keep them half-relevant. You may contract Palo Alto and submit for review — at least Sophos has the miscategorization submission web form, maybe those guys have one too.
for the Trojan — I guess some smart antivirus figured that since the web frontend downloads an executable and launches it - it has to be trojan! Well, technically it is I guess maybe this technique is frowned upon by default.
Edit. Quick search found this: Live Community - Re: How to report false positive if I'm not a cust... - Live Community