Dica-Kit Rootkit detected by rkhunter, is this a false positive?

I ran rkhunter in sys-firewall, sys-net and in 2 more offline (netvm set to none) appvms, and it indicated possible presence of dica-kit rootkit.
Here is the part from /var/log/rkhunter/rkhunter.log

Info: Starting test name ‘running_procs’
Checking running processes for suspicious files [ Warning ]
Warning: The following processes are using suspicious files:
Command: xl
UID: 0 PID: 513
Pathname: /usr/sbin/xl
Possible Rootkit: Dica-Kit Rootkit
Command: xl
UID: 514 PID: 513
Pathname: 212360
Possible Rootkit: Dica-Kit Rootkit

It’s a false positive.
xl provides Xen domain features.

okay, thanks