I have scanned the dlls locally and online (
virustotal), there's nothing suspicious except generic trojan warnings with Norton and HouseCall; everything else passes. The most likely reason is the binary compression we do with upx. The only thing that has changed in the nightly is the inclusion of stb, which is a lot of additional code. This probably affects whatever shitty heuristics Norton/HouseCall use.
In general, everything in LWJGL is built from source, we don't use pre-built binaries.
This is the github account that is used for that. Linux and OS X binaries are built on Travis-CI, Windows binaries on a TeamCity server hosted by us. The only other thing that may affect a Windows binary would be the Visual Studio compiler and UPX, both have been downloaded from official sources.
Please do let us know if the issue persists. Even though this is a false positive (and I personally believe that anti-virus/spyware/whatever software is more malware than actual malware), we'll have to find a solution.