this has been my experience too.
they once shut down one of my hosting accounts because of some internal security scan they did. They didn't bother telling me what the issue was, they just disabled the site.
It took well over an hour on livechat to get a list of the "malicious files" - every single one of which was a false positive - legitimate third party libraries like adodb, phpGrid and PDW File Browser. One of the false positives was because there was a "very long line of text" in a file. Still no idea why that was an issue. Just for shits and giggles, here is that long line of text https://pastebin.com/enNLL6iR It's part of some honeypot code from https://www.projecthoneypot.org/
During the livechat they admitted their scan was greater than 0% accurate* but shut down the site anyway. They suggested I hire securi.net to scan and clean up the site. It's just a coincidence securi.net are also owned by godaddy.
When I went to cancel the account I was told that as I'd paid annually I couldn't get a refund on the remaining time.
Thoroughly disreputable and corrupt company imo.
*ok they didn't phrase it like that but if these twats want to spin as "not 100% accurate" I can reverse spin. Seems only fair.