It can be hard to understand sometimes why and when antivirus software picks up on something, because of the secrecy around the products. They don't exactly talk about how their software works.

For example, I put JohntheRipper on one of my computers recently and it took the Norton about 2 weeks to flag it as a virus (a false positive). It could be that bitdefender does incremental background system scans and only found it after two weeks. Often times av software won't find something until it is in use, or if it gets scanned on its way onto the system, such as email scans or download scans. It is possible that NSIS was packaged in a way that bit defender couldn't scan it well on its way in, so only caught it during a system scan later. Also realize that these AV software companies pad the number of "viruses" that they can find by adding software that isn't really a virus (such as johntheripper) to their lists. They will also lock onto software that behaves in a certain way, such as creating a bunch of process hooks, etc...
Anyway, I wouldn't worry about it. It is probably just a false positive. I would re-install it from sourceforge and then tell bit defender to leave it alone.