I agree that it does seem like an odd way of dealing with the issue. They rank it as a HIGH severity error, when in fact not being able to access a file that isn’t supposed to be accessible means – as you said – that it’s appropriately protected.
For what it’s worth, now that I’ve resolved the BPS vs. Gravityscan ‘problem’, I’m seeing a similar Gravityscan error for StopSpammers.
To some extend I supppose it’s inevitable that different security add-ons are going to step on each others’ toes, but the Gravityscan people don’t seem to be very friendly about it.