I'm going to be blunt, hope you don't mind ;)
Your software is clearly total junk, as it is horribly broken. You appear to be forgetting that commercial "security" software depends on producing sufficient "noise" to give the continual impression it was worth the money you paid for it, regardless of the quality or accuracy of that noise. Norton is a great example of this, a constant nanny shouting "danger" at every turn for entirely spurious reasons.
Would you like a spam filter to block all mail from Hotmail just because one spam came from their server? In this case, your software is doing something similar: it ignores the fact that an IP address isn't always unique to one server or one site, and so you get a HUGE false-positive rate. So of those 666 sites sharing one IP, only one is evil ;) the 665 others are false positives. This is the software's fault, not the webmasters'.
There is no such thing as a "trusted" IP, or hosting company. The latter, however diligent, isn't responsible if I don't update my CMS and get 0wned. Those whose sites share my mythical "trusted shared IP" aren't responsible either - whatever some noisy anti-virus program that can't handle HTTP/1.1 says.