It does appear to be a false positive.

I was able to get this to return a result in IE as well as several hits in chrome that were reported.

The result in IE was bridge3.186.1_en[1].html

The file is a part of Googles IMA3 ad API. and the 3.186.1 relates to the latest release of the API on Dec 7th.

I don't know anything about it really, my Google searches for this did little to help me understand what this file actually is, but the contents are some CSS and a lot of Javascript.

A debug in IE confirmed it loads from https://imasdk.googleapis.com/js/core/bridge3.186.1_en.html

I loaded this address directly on a test system and a scan directly against the UserProfile\AppData\local\Microsoft\Windows\Temporary Internet Files\low\Content.IE5 and it found it in a subfolder and marked it as Win32/Sonoko

I had a system with definition version 1.259.247.0 from earlier in the day and it did not flag this file, it started with definition version 1.259.269.0 as best I can tell and continues to flag the file in version 1.259.272.0.

I also tested this after going to https://imasdk.googleapis.com/js/core/bridge3.185.2_en.html which pulls down a file for the previous API version and this does not get flagged. The release notes for the Google API simply state" AdErrorEvent.getInnerError() may now return an inner AdError object. This allows checking to see if autoplay failed."

There were threat detection updates for 247, but this does not flag the file, since then 257 was updated with detections, but not for this threat.