Had this one too. This is probably because the signatures files db from clamav contains malware signatures that triggers windows defender. 

I would recommend to uninstall windows defender on servers running a mail server that already uses another antivirus engine. 

It adds more problems than it solves. As smartermail is storing mails in daily files. If one mail contains a signature recognised by windows defender, it would quarantine a whole day of mails for the mailbox.

Hello Keevin/Sebastien, thanks for reporting this, this is something I'm looking at internally now. It looks like either an update to Defender, or a change in our own code resulted in the exclusions not being registered any longer. This leads to Defender finding the ClamAV signatures and starting to quarantine those files and others. This shouldn't happen, so I'm checking it out here in our test environments and will update you as I find out more. In the meantime, you should be able to resolve this with these instructions here:

https://portal.smartertools.com/kb/a3249/windows-defender-and-virus-scanner-exceptions.aspx