Vaultpress identifying Pimple as a dangerous shell program

VaultPress has identified the json file PIMPLE as a dangerous shell program. Looks like it’s in your GIT so I’m assuming that it’s a legal file with no threat. Could you confirm?

Thanks,
John McDonald
—

PHP.Generic.BadPattern.5
This code pattern is often used to run a very dangerous shell programs on your server. The code in these files needs to be reviewed, and possibly cleaned.

/wp-content/plugins/caldera-forms/vendor/pimple/pimple/src/Pimple

The page I need help with: [log in to see the link]