Nethserver 7.6.1810
We are seeing the same issue. Emails with attachments are being blocked ones without are OK. Addresses that are whitelisted not affected.
clamd[6379]: instream(local): Win.Exploit.CVE_2019_0903-6966169-0 FOUND
Preformatted text5.7.1 clamav: virus found: “Win.Exploit.CVE_2019_0903-6966169-0”;
Trying this workaround https://www.clamav.net/documents/how-do-i-ignore-whitelist-a-clamav-signature.
Archlinux is having the same issue.