Here is what I learnt when I had this type of problem with Norton.
This is for Windows and assumes a typical standard install onto the desktop.
First the whole Tor browser is just a drop-in folder onto the desktop.
Set the option to NOT auto-update but only give a notice.
When a notice comes in, copy the whole folder to somewhere else like a USB stick.
Do the update.
If your AV thinks it is a malware just delete the whole folder from the desktop then drop the backup folder back on to the desktop.
Problem solved.