In this discussion it turns out that the alarm was recognised as false. ( WAX***.TMP)
So is this resolution still valid, where F-secure product recognises a WAX*.tmp -file as trojan? The WAX*.tmp file can't be found.
I think it is not necessary that "WAX*.tmp" belongs to a certain application or process. However, even by search web - it is a quite popular pattern name for .tmp files under Windows/TEMP. So, based on this and previous topic - likely still false positive (if to assume that those temporary files created by 'one' application with all situations).
But good to know a bit more about your experience. For example, what is exact detection name? Did you run Full Scan as double check against other detections? Could you check some installation applications / addons / extensions against 'tricky / suspicious' ones. And, for example, to find out when detection flyer is appeared (whether a certain application is launched or so)?
And, actually, F-Secure solutions with some changes in detection logic / abilities - thus, good to contact them about this subject. If your quarantine with these detected items - then, for example, to create "dump" from Quarantine - How can I recover quarantined items from quarantine manually? - F-Secure Community (f-secure.com)
And to transfer for re-analysis - https://www.f-secure.com/en/business/support-and-downloads/submit-a-sample
In general, ".tmp" can be anything and there cannot be decision only on its name. If detection for these files (previously marked as "false positive") is back - can be so and it is a likely situation.