Security Vendors (ie antivirus companies) don’t really care that an individual crack may or may not be dangerous on its own, but things like cracks often do display the kind of behavior viruses do, like modifying registries and verification files. While they make these things free for us to use, they’re technically doing things on the system the user isn’t supposed to do (because it impacts security/integrity).

Game cracks have been a long-used avenue for propagating viruses, so to serve their customers better, they probably err on the side of just assuming that they’re all potentially at risk. It’s a little over-the-top, but I can see the reasoning.

Finally, lot of antivirus companies are exactly that: companies. They exist to make a profit and they’re working with people who sell software by marking pirated copies of their software as malware, which in the view of the people who sell software: they are malware. So often the way they make money dictates what they treat as legitimate versus not legitimate. Especially in the US, where the government does a lot of work to support private companies in enforcing copyright.

In other words, it’s a crap shoot. I’d say if the virus signature only mentions it being a game crack it’s possibly safe, because if it actually contains a virus payload, I would think it would identify that one, too. It wouldn’t take a more serious virus and dump it under the “game crack” without more explanation, or at least I hope they don’t approach it that way.