Yes, but what in the new release that can cause it to act like a virus?
The previous release Arduino 1.0 runs just fine.
This is the problem, isn't it? Real-time AV protection uses heuristics
to decide what needs to be "quarantined". How these heuristics are formed are not only secret, but based on things like application behaviour profile. They are, fundamentally, guesses.
You don't really want developers to have to worry about how the low-level IO and API function calls of an app might trigger these heuristics, do you? Not to mention that an app like Arduino is composed of a variety of third-party tech that itself may be triggering the heuristics. It is an impossible task to ask.
Norton asks that you send them information about false positives so they can keep their heuristics up-to-date. You should do this. I also suggest excusing Arduino, and the JVM that it runs, and the third-party utilities it invokes from the real-time AV system.
The bottom line is that it is the owners responsibility to maintain a system that can run apps; it is not the responsibility of the authors of apps to make sure every change they make to a release somehow threads the needle of every real-time AV heuristic out there.
As a computer professional, my opinion is that all real-time AV products are a gigantic hack that are collections of bugwards compatible behaviour (this is a technical
assessment!) Companies use fear and OEM wrangling in order to essentially get royalties for something that offers minimal utility and a lot of false security. Norton AV is security theatre, at best.