just did a scan and MS security essentials found this.
could be unrelated to GOG actually, just figured I'd fyi.
Attachments:
remnants.png (79 Kb)
This question / problem has been solved by Namur
Just took a look at my GK folder and there's no ar40eng.exe file anywhere, so yeah, not gog related.
Edit: Nevermind, just saw that the file in question is GK1.gog
GK1.gog didn't raise any flags with AVG 9 at my end. Probably it's a false positive.
Edit2: Well, after extracting the contents of GK1.gog to a folder, AVG also detects a virus in the ar40eng.exe file (att. pic scan_2), which seems to be the installer for Acrobat Reader 4.
Maybe a false positive due to the installer being ancient...
Attachments:
scan.jpg (121 Kb)
scan_2.jpg (96 Kb)
Post edited February 09, 2010 by Namur
Interesting. False positive or not, I doubt that the game will execute that file from the CD image - so it won't be a security risk. GOG should perhaps remove the file from the CD so people won't have to see the warning though.
I tried downloading the original ar40eng.exe from ftp://ftp.adobe.com/pub/adobe/acrobatreader/win/4.x/ar40eng.exe - Microsoft Security Essentials found no infection.
Post edited February 10, 2010 by tor
tor: Interesting. False positive or not, I doubt that the game will execute that file from the CD image - so it won't be a security risk. GOG should perhaps remove the file from the CD so people won't have to see the warning though.
I tried downloading the original ar40eng.exe from ftp://ftp.adobe.com/pub/adobe/acrobatreader/win/4.x/ar40eng.exe - Microsoft Security Essentials found no infection.

The file on the CD and on that FTP server are not identical. The link you gave (one must manually download from ftp://ftp.adobe.com/pub/adobe/acrobatreader/win/4.x/) also gives no virus alert while the file on the CD (i.e. the GK1.GOG file) is found to contain the W95/CIH virus. I also suggest that GOG remove that ar40eng.exe file or replace it with the one from the FTP server.
Windows 95/98(/ME?) users must be VERY CAUTIOUS! It's the Chernobyl virus that can format the harddisk, destroy 80386 hardware(?*), overwrite the BIOS etc. Normally the virus attacks on April 26th but some variations also on June 26th or any 26th of a month.
The virus does not infect Windows NT/2000/XP.
Source: http://sophos.de/security/analyses/viruses-and-spyware/w95cih10xx.html
* Since the virus appeared first in the Pentium age, I'm not sure about this, only read it in some forum.
Post edited February 10, 2010 by Protoss
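One way to back up the "not identical" observation above, as an added example that is not part of the original posts: hash a known-good reference copy and the suspect copy and, if they differ, list the byte ranges that changed. The byte strings below are constructed sample data and the function names are hypothetical; real use would read the two ar40eng.exe copies from disk.

```python
import hashlib


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def differing_ranges(a: bytes, b: bytes, merge_gap: int = 8):
    """Return half-open (start, end) byte ranges where a and b differ.

    Differing offsets at most merge_gap apart are merged into one range.
    A length mismatch is reported as a final range covering the extra tail.
    """
    ranges = []
    common = min(len(a), len(b))
    start = last_diff = None
    for i in range(common):
        if a[i] != b[i]:
            if start is None:
                start = i
            elif i - last_diff > merge_gap:
                ranges.append((start, last_diff + 1))
                start = i
            last_diff = i
    if start is not None:
        ranges.append((start, last_diff + 1))
    if len(a) != len(b):
        ranges.append((common, max(len(a), len(b))))
    return ranges


def compare(reference: bytes, suspect: bytes) -> dict:
    """Summarise how a suspect copy deviates from a trusted reference copy."""
    return {
        "identical": sha256_hex(reference) == sha256_hex(suspect),
        "same_size": len(reference) == len(suspect),
        "ranges": differing_ranges(reference, suspect),
    }


# Constructed sample data (not real installer bytes): a fake header,
# a code region, zero padding and a data region.
REFERENCE = b"MZ" + bytes(62) + b"CODE" * 16 + bytes(64) + b"DATA" * 8
_modified = bytearray(REFERENCE)
_modified[60] = 0x10                # one header byte changed
_modified[140:150] = b"\xAA" * 10   # bytes written into the zero padding
SUSPECT = bytes(_modified)

if __name__ == "__main__":
    print(compare(REFERENCE, SUSPECT))
```

Equal file sizes say nothing on their own: the constructed suspect copy has the same length as the reference and still fails the hash comparison.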
I managed to delete the suspicious file from my installation by extracting the content of the GK1.gog file to a folder, deleting the ar40eng.exe file from the extracted folder, and repacking the folder back into a GK1.gog file. I booted the game and it seems to be working fine and the file in question is definitely gone.
Edit: Disregard the info above. The 'new' GK1.gog file didn't work at all.
Still, this is a bit unsettling...
And thanks for the heads up Wec.
Post edited February 26, 2010 by Namur
Interestingly, I googled this and I found a few references to Gabriel Knight 3 disc 1 being infected with the CIH virus, in the exact same file -- ar40eng.exe. Looks like it wasn't the first edition, but a later "Sierra Bestseller Series" release. If true, this could mean that both infections come from the publisher and were present on the official discs, at least the re-released ones.
Post edited February 10, 2010 by tor
it's important to note that it was CIH Remnants - left over pieces of a virus, they should not pose any harm by themselves. however disconcerting.
Namur: I managed to delete the suspicious file from my installation by extracting the content of the GK1.gog file to a folder, deleting the ar40eng.exe file from the extracted folder, and repacking the folder back into a GK1.gog file. I booted the game and it seems to be working fine and the file in question is definitely gone.
Still, this is a bit unsettling...
And thanks for the heads up Wec.

It'd be really awesome if you could tell me exactly how you did this. I'm not quite sure what kind of archive or image the *.gog filetype actually is underneath the extension (though it's clearly not compressed), and having it interfering with my virus scans is getting troublesome.
Also, as odd chances go, today would be the 26th, and it is just as you say, disconcerting.
Post edited February 26, 2010 by Arcc
Arcc: It'd be really awesome if you could tell me exactly how you did this. I'm not quite sure what kind of archive or image the *.gog filetype actually is underneath the extension (though it's clearly not compressed), and having it interfering with my virus scans is getting troublesome.
Also, as odd chances go, today would be the 26th, and it is just as you say, disconcerting.

Well, i don't have good news for you then.
At the time i posted that i just wanted to see if i could get rid of the suspect file, and to test if the game was working after the changes i made, i basically just fired up the game and watched the intro, and everything was fine there, so i figured everything else was ok and never gave it a second thought or tried the game again.
But i just went back to test a bit more after seeing your post and apparently i was fooled by the fact that the game boots and the intro plays just fine even without the GK1.gog file in the game folder, so 'my' GK1.gog file is worthless, as booting the game with or without it in the game folder leads to the same result: game starts, intro plays fine, but there's no speech after that, which is the same thing you'll get if you just remove the original GK1.gog file from the game folder btw. So as it turns out i didn't get anywhere with this at all.
So, i'm sorry, my bad. I should have looked into it with more attention at the time, but back then my main concern was to see if i could get rid of the suspect file. In any case what i tried at the time was to convert the folder to a file, without compression, and then a quick and dirty renaming of the extension. Obviously there's more to it than that, as the game doesn't pick up the renamed file at all, but at the time i thought it was worth a shot anyway.
I'll edit my post above to reflect this.
Again, i'm sorry for the incorrect and incomplete info on my other post.
As for your AV scan problems, you can always set an exclusion/exception for the GK1.gog file.
Post edited February 26, 2010 by Namur
I just redownloaded the GK installer today, and it seems that GOG has made a new iso file excluding the manual folder and thus the file that is considered to contain a virus.
So the issue should be fixed now.
Just redownload the installer and reinstall the game