's antivirus engines are command-line versions, so depending on the product, they will not behave exactly the same as the desktop versions: for instance, desktop solutions may use techniques based on behavioral analysis and count with personal firewalls that may decrease entry points and mitigate propagation, etc.
Contradiction of raising virus alarm!
Sometimes even the system anti virus program finds that a system file has been modified but cannot determine whether the file has been modified by a virus or by the user. In such a situation, if the program generates a virus alarm it may lead to a false positive.
It has to do with how anti-virus works. Most anti-virus use what is called heuristic analysis to find viruses.
This means they can actually read the files and look for similarities to known viruses or for traditional virus behavior.
Keygens can look like viruses when they are scanned this way, due to how the keygen authors package their code.
Of course, some of them probably are viruses too.
Is it safe?
Like the others have said, yes and no. I’ve seen games where viruses and bitcoin miners were attached to them. But also, what happens often, is the code used by the people who Crack the game triggers a false positive in a virus scanner, triggering a virus alert where there is really not one. This is pretty common. For instance, when someone cracks a Steam game, they have to modify the steamapi.dll, which prevents the game from attempting to connect to steam and verify that the game has been purchased. If you see steamapi.dll pop up in your installation, it is more than likely a false positive. But if you see some other crazy files pop up, or it says it has detected a bit coin miner, then yes, it’s a virus.
Bottom line, pay attention to the files being detected by the Antivirus. It could be a virus, or a false positive, but you should do some research on the files triggering the warning through Google or other means just to be safe.
Full in detail analysis