How to check for false positive from anti-virus
Solution 1:
A "false positive" is defined as when the anti-malware software detected a problem, but it wasn't actually malicious. There is no surefire direct simple process that will 100% rule out a false positive. If there were, we would automate that technique, and make that part of the anti-malware software.
So the answer to your question,
"Is there any manual way to determine definitively".
is: only one. That way is to manually analyze the threat, which you said you did in Notepad. If you applied sufficient expertise (e.g., understand the format of the file, and what it can do), then you've done all that you can "definitely" do. That is all that the world's best anti-malware authors/experts can do. There is nothing else that is more "definitive", nor any other simpler process that is "definitive".
One approach you can use is to cast this up to a vote. Upload the file to http://VirusTotal.com and quickly see what other anti-malware thinks of the file.
Anti-malware software vendors will often publish further info, about detected threats, on their website. Searching for "Kaspersky Threat Database led me to Kaspersky VirusWatchLite, and then you can enter "trojan-downloader.win32.pif.xx" into the filter box. This tells you that Kaspersky added the threat in April 2010. Unlike some other threats, this threat doesn't seem to have a hyperlink to more info.
Or you could try searching for "trojan-downloader.win32.pif.xx" on the web. This showed me that "trojan-downloader.win32.pif.us" had some info about it, with the top Google search result being the Microsoft hyperlink that you provided. So, it appears you already found that path to check out.
In the end, since the process of determining if something is actually malicious is making a decision that is not completely automatable, ultimately you must make your own decision.
Update: I now see your update. (I don't know how I missed it before.) I see you found VirusTotal as well. Well, it looks like you're finding the correct approaches. Consider my answer to be a vote of confidence that you're doing the right things. Consider yourself satisfied. Or, if you can't do that, play around with it some more, learning about the exact format of a Windows shortcut, and checking every single byte in a hex editor.