ManageWP uses a file /SSH2.php which "Defender" reports as a major problem. Is there a way to whitelist this? or work with ManageWP so that Defender doesn't report this as an issue?
The ManageWP worker is released under GPL licence as Open Source and its code is publicly available in Wordpress repository.
As such it is using a number of other Open source libraries as well.
One of them is PHPSec library: http://phpseclib.sourceforge.net/
This particular file in ManageWP worker (https://plugins.trac.wordpress.org/browser/worker/trunk/src/PHPSecLib/Net/SSH2.php) is using this library’s ability to execute one-off commands with exec() (http://phpseclib.sourceforge.net/ssh/intro.html).
I believe that due to this function exec() code is falsely interpreted as suspicious by the WPMU defender plugin.