Malware detection in stack: AWS/Docker/Plone

we are running Plone 5.2.1 using Docker hosted via AWS.
AWS told us, that the installation spreads a malware - our analysis has shown that it could be Gh0st RAT.
So we examine all parts of the installation stack.

Are there some known issues regarding Plone itself affected by a trojan such as Gh0st RAT?

Ghost Rat is a Windows malware.
Are you running Plone on Windows?
Usually this is an issue of your operating and not of some application running on your OS like Plone.

Plone Foundation Code of Conduct