The download archive for InvoicePlane 1.4.10 definitely does not contain any viruses
Here are the results for a Virustotal check of the official download file for 1.4.10 with the MD5 hash b0fe41d6d1aff2a8c9aa2fd9d126f790:
https://www.virustotal.com/de/file/10175812ecbf8fc84102640217321d637bdcf65230c60642f885fdcec732bd6e/analysis/1479028269/
Also, {HEX}php.exe.globals is associated with false-positives by cPanel if you search for it on Google.
You may unzip the archive locally and upload all files separately to your webspace if cPanel doesn’t let you upload the archive.