FileDM installers are generated fresh after each upload, so the file has zero prior installations. This triggers antivirus software because of the optional offers included (such as Avast or Opera GX). This happens for all infrequently downloaded files, and with frequent ByteBreaker updates, the file changes often. This is a false positive.
Themida is a software protector. It hides the code of ByteBreaker so it cannot be decompiled. This makes the antivirus detect Themida itself, not any actual malware inside the application.
Sometimes these two files get flagged by antivirus. The decompiler scans and decompiles the code of another program, which can trigger AV. The file erto3e4rortoergn.exe is the injection console developed by Velocity. It's the console that appears when you press the inject button. Both files are clean.
ByteBreaker requires admin rights in order to work. It uses an external injector, which needs admin rights because a program without admin rights cannot run another program without permission. This is standard Windows security behavior.