csv2dat.exe is used to update magic.exe (from manalink.csv). thats the injection thing.
if you don´t use the skymagic(or simply excel) editor to mess with the cards you can erase that file without any problems.
the t1/t2/t3.exe files delete your decks in your playdeck folder (will get detected as malicious obviously) and place the files into the holding folder(within your playdeck folder)and copy the T1 / T2 / T3 decks out of the holding folder to your playdeck folder.this way you will always play against same tier levels in a gountlet.i´ve personally never used this feature and deleted the files aswell.if you don´t use the feature -> delete the files and your antivirus will never bug you again.
the draft.exe does something simmilar. if you play a draft the opponent decks (and your own) will be saved as deck files in your playdeck folder. all the exe does is delete these draft-decks so you don´t have to delete them manually when you want to play another draft.
the exe deletes stuff so it will get detected as malicious aswell.same as above.
so if you don´t use the features you might aswell delete the files and will never get bothered by your antivirus again.
i don´t understand why jatill keeps uploading them - pretty much all you need from the patches are the magic.exe and maybe the config.txt after major changes.
there could be a link in the wiki to download these files whenever people feel they need them.
this is like the fifth time i have to write about this false alarm thing, and with every new patch i get the same messages from my antivir from the same files that i don´t even use