ClamAV definitions out of date
This could be because of a number of reasons. Check that the database is up to date by calling the freshclam command directly with verbose:
$ fab $environment -H backend-1 sdo:'freshclam -v'
If it reports the virus databases are up to date then you may need to check the ClamAV virusdb archive to investigate.
If it can’t seem to download the updated definition files, with errors such as
Ignoring mirror 126.96.36.199 (due to previous errors), it could be that all
the mirrors available have been blacklisted. You can reset the blacklisted
mirrors by deleting the file that stores them:
$ sudo rm /var/lib/clamav/mirrors.dat
After doing this, running
freshclam -v as above may well work again.