If the CD with the application has been released a long time ago, it's possible that the signature to be improperly recognized or the CD is actually infected with malware if it was custom created.
Nonetheless, you should verify it against 20-30+ antivirus solutions. There is a website called VirusTotal that can help you with this situation. Access the website, upload the EXE file and check the results. If you have the possibility get in touch with the developers/sellers and explain the situation.
If it turns out that it's actually a false positive, you can ignore Windows' warnings and continue with the installation.
