There are several closed issues regarding this, but it seems like none of them actually discuss the source of the blacklist.
I recommend reading these articles:

• https://www.securemac.com/definitions/Chisel
• https://varutra.com/ctp/threatpost/postDetails/Russian-Backed-%27Infamous-Chisel%27-Android-Malware-Targeting-the-Ukrainian-Military/UjZ4SlB3Uy9MNStXWlVxZTFuMmMzQT09
• https://www.cisa.gov/news-events/analysis-reports/ar19-304a
• https://securityaffairs.com/150167/cyber-warfare-2/infamous-chisel-malware-targets-ukraine.html
• https://sensorstechforum.com/chisel-mac-trojan/

I'm not sure what can be done at this point. Maybe contacting virustotal and asking them for help? They are directly working with antiviruses afterall.

A valid argument might be that there are many self-containing ssh implementations and you could do the same thing (ssh over http/s) fairly easy with socat.
But the problem seems to be actually the name. Chisel is now known as a trojan. Maybe changing the name would be easier?

I meant to suggest asking virustotal to act as a bridge and contact the AVs for this false flag.

If you want to compile your own renamed chisel, well the source is open, and it’s MIT licensed.

The problem is binary signature, and not the name? I saw someone in an issue editing the name references in hex to a random string and as far as I can remember it worked, but again, it would be a cat and mouse game. (and hackers can do this too)

If you don't mind, I can contact virustotal in a month or so (when I have free time) on your behalf.