During kali installation on virtual box,avast detected a virus,how is it possible?

I was installing kaly on virtual box,on W7 host,and during the upgrading/installation package,avast has detected 2 threat,in particular on mimikaz package. Question is,how can avast “see” throug the VM?

The package hold for a bit on Host,before going in VM? I’ve always thought that 2 enviroment was isolated and separated. I downloaded kali from official site Thx for your guesses.