Just to clarify, we have gravatars turned off in Wordpress itself, but the issue is in the code that is generated for wpmudev_chat_localized with all of the settings/parameters. This code has a reference to gravatar.com which looks like it is automatically generating a copy of our Favicon PNG:
So the problem is not with our plugins for avatars or Wordpress in general, but rather with some automatic code that is being generated by your chat plugin.
As a result of this code, the SSL icon in the browser indicates that the page is partially encrypted, with 1 reference to insecure http:// being the image detailed above.
Are you able to confirm this issue from your end?