I had a look at the image and the website it was reporting as suspicious (demo2.drfuri.com), and concluded that you’re totally fine!
It seems the demo content might have some images or other assets pointing to https://demo2.drfuri.com/. The “https” requires your browser to receive a security certificate from the server and verify that the server is who it should be. However, that website is not configured properly on its server, and is instead returning the contents of “https://drfuri.com/” (notice the missing demo2).
Your browser and anti-virus software are seeing this as a possible attack, because it is expecting the website’s security certificate to be issued to “demo2.drfuri.com” when it actually is issued to “drfuri.com” - two completely different sites as far as they are concerned! (see: https://i.bailey.sh/gjbeDDk.png)
So ultimately in this case it’s just a simple configuration issue on the author’s server which they can fix easily; absolutely no cause for concern and safe to ignore (but you should definitely let the author know so they can fix it, as any assets in the demo content which point to that site will currently be broken).
Hope that helps!