Will cxs report false-positives?

Yes. cxs reports various types of suspicious files, directories and other resources within the scanned structure. It will almost always trigger false-positives as it is designed to highlight constructs and activities that are typically used by exploits. Unfortunately, legitimate scripts also do these things on occasion and cxs will report them for you to decide whether the activity is innocent or not.

If they are innocent you can use the ignore file feature to exclude them from scanning in the future.