Since nobody seems to try drawing any conclusions from the information we already have, I've looked over the reports myself.
First, the file report MaronaPossessed gave. Only a few antiviruses detected something. As I said, I know how the patch works, and it does so by hacking the needed data into the original files. A bit dirty method, but it obviously works. Now, the data it hacks in isn't malicious, or else much more antiviruses would flag it. Looking into more detailed information, I found that Symantec (aka Norton) puts it at the lowest threat level, which means there's nothing outright malicious, but it's just not a well-known program. Which is understandable in this case.
As for the site warning in that Touhou Projects thread, it doesn't have any details, but it's just caution-level, which could be caused by the patch, which triggers only a low-level alarm. (That's why you put packages and not bare executables for download, dammit!) If there's an actual threat from the site, Safe Web system doesn't hesitate to put an actual warning level on it, and it's not the case here.
Bottom line, this looks like a false alarm. I'm not a dedicated IT security specialist, but it's easy to see if a site is hacked with malicious goals. I'll be able to tell if that happens to a site I used, so if anything serious actually happens, you can expect me to come running here screaming about it at once.
That said, the idea about a new replay uploader is still a sound one. This one still works just fine, but it stopped being supported back in TD times (it takes spellcard practice as stage practice runs, and doesn't understand Overdrive difficulty), so if anything happens to database, odds are there won't be anyone to restore a backup either.