Usually such companies (except the brainless ones) correct such false positives very quickly provided:
- a good but short description
- exact OS, compiler version etc.
- links on how to obtain the compiler(s) from the official website. (no fpcdeluxe here, because it has indirection)
The more concise, but detailed your report is, the quicker they will fix it.
We used to have many problems with KOL, most of it was corrected by most companies after I explained in detail that they were fingerprinting a framework instead of fingerprinting true malware. (Which admittedly KOL used to be used for a lot.)
The lazy ones just fingerprint the major compilers, e.g. from GNU, Microsoft, Intel and AMD.
Note it also helps if you mention that fingerprinting those is not "heuristics" which they will try to tell you as a first response if any response.....
There is nothing fishy in the startup code of the FPC compilers nor is there in the RTL.