I have experience in SQL Server 2005 Production environments, and on Oracle as well. You are right to anticipate that SQL Server shouldn't be having any other applications. AntiVirus retains a lock on the files if they find the file to be suspicious (and you definitely don't have much control on this definition). Even if the antivirus scans through the files remotely, even then this issue or concern would remain persistent.
You rightly said that there are minimal chances of database files receiving virus infection. Though if really is required, then I would suggest you get copied files in place and scan them, rather than scanning attached database files. If you find backup files infected, you always have an option of validating the original files.
On a side note, I never encountered situation where DB files were infected from virus.
_____________Vikas S. Rajput