This file is part of keyutils, part of the Linux kernel. If lfd is not checking the hash of the file matches a compromised version (it doesn't), then don't report it. This library has been around and been installed for years. Only when I updated to the 1.9 so version of keyutils yesterday did lfd start spamming me with emails about it. I hate to ignore a file that I might actually want to notice if it changes without me upgrading a package.