The current "hard-coded" way of ClamAV antivirus scanning implementation is not scalable - any improvements to virus scanning needs to be done to existing code, making it more bulky and difficult to use something different than ClamAV (e.g. on non-linux platforms).
The most straightforward way to eliminate the scalability issue is to re-implements antivirus scanning using plugins infrastructure. This will allow further improvements of ClamAV (which will become a core plugin ) and allow external contributor to design plugins for other antivirus products.
This meta issue has been created to combine core improvements to anti-virus scanning in Moodle.
Forum discussion is here.