Quick question, when does /usr/bin/clamav_updater.sh get run by ASL (if indeed at all)?
Thanks for the question. ASL does not use it or run, but we do include the script in case you want to use the third party signatures it will download for you. Because the thirdparty signatures it downloads vary in quality and false positives we do not turn this on by default. We used to have that enabled many years ago in ASL, but disabled it I want to say 2 years ago because of the aforementioned concerns about the quality and false positive rates in some of the third party signatures.
With that said, those signatures have gotten much better, but still are not at the level where we feel comfortable turning them on by default. In general though, you may find that they work well for you, and the script to update them is included in ASL if you wish to use them.
My personal two cents, its safe for most folks to run that updater. YMMV, but like I said the quality of those signatures has gotten better, and a lot of people swear by them.