Of course I checked AVG's site right off. But it doesn't show up in their explanations even though they caught it.
So after some Googling it seems this is more about the potential for a link to be a problem than the actual detection of a problem.
These links *I* made, and are for Windows to directly access FTP sites and include username and password in correct format:
I made a couple more new links to dummy sites just to see what AVG would do, and it instantly flagged them as infected.
Scans of all my drives with 3 other tools show them all to be clean. So I'm enchained to consider it AVG being overly cautious. Has anyone else seen this, familiar with it, have any advice or warning?