Realistically, a False Positive can happen but it is a wee bit sloppy from the side of the AV vendor, if I may be so honest.
The number of different (!) malware is not as predominantly big on the Android OS-ses as, lets say, the ones for the PC.
There are some variants, but that does not merit a False Positive.
But that is my opinion, of course.
In my view, HexCode is not to blame nor the one to take action upon this.
As there are literally hundreds of AV vendors, or products that contain a form of AV protection, in some kind of shape.
It would soon become more then a day-job to maintain all those AV vendors.
VirusTotal is a quick-and-dirty method, but it is not watertight nor it is not without some criticism either.
The FP could be due to compression-schemes used, some coding-practices or something those AV vendors think alike that malware is behaving, that depends sometimes quite differently between the various AV vendors.
If your AV encounters something that appears to be a False Positive, your AV vendor is responsible for further investigation and resolving it.
Next to the fact, that AV vendors often respond rather more quickly to somebody (end-user) paying for their software (license) and reporting an FP then some software company (HexCode) that happen to generate an FP.
At least, these are my experiences.
I agree, any serious AV vendor does offer, track-and-traced, a reporting facility to submit any possible data to further analyse, both false negatives (= not detected malware) and false positives.
It is indeed also the user-base, next to other customers, AV researchers and so on, who will strengthen the detection-rates and also help avoid FP's.