Actually this VT doesn’t rely on any version (it is not a version check) but “actively” checking for this vulnerability as indicated by:
The Active Check part in the script name
The Detection Method content Sends a crafted HTTP GET request and checks the response.
The currently defined remote_vul (99%) QoD
While looking at the done check within the VT the reliability might not be that accurate against every system. The QoD has been adjusted now to remote_analysis (70%) to better reflect the reliability of it (see below).
Those changes should arrive in the feed in the next few days. If it has been verified that the system is not affected an override for this result could be created accordingly.
Remote checks that perform some analysis, but may not always be completely reliable depending on environmental conditions. Narrowing down suspected false-positive or false-negative edge cases may require analysis by the user (see Chapter 11.8).