ESET experienced a false positive this morning. It was falsely identifying various websites as Javascript or HTML threats. The definition database, version 13102, was pushed out and expanded JS/ScrInject.B trojan and HTML/Refresh.BC trojan to include the false positives.
ESET wrote up the experience in Alert5879 and have since deployed an updated virus signature database which corrects the issue. If your definitions are version 13103 or later, you should no longer be experiencing the issue. If you host an update mirror in your enterprise, it will need to be updated in order to deploy the working definitions to your clients.
If you are unable to update but still need to access a flagged website, you can add a temporary exception to ESET Smart Security/Endpoint Antivirus/NOD32 Antivirus/ESET Endpoint Security for Windows. This can also be done as a policy through the remote administrator console.
As far as false positives go, blocking websites is a whole lot better than quarantining system files. ESET did a good job in responding promptly to the problem.