Malware

WordPress. Wordfence finds spy code in child theme?

In general, the Wordfence plugin began to find this:
Filename: wp-content/themes/twentyfourteen_child/functions.php
File Type: Not a core, theme, or plugin file from wordpress.org.
Details: This file appears to be installed or modified by a hacker to perform malicious activity. If you know about this file you can choose to ignore it to exclude it from future scans. The matched text in this file is: function php_execute($html){\x0aif(strpos($html,"<"."?php")!==false){\x0aob_start();\x0aeval("?". ">".$html);\x0a$html=ob_get_contents();\x0aob_end_clean();\x0a}\x0areturn $html;\x0a}\x0aadd_filter('widget_text','php_execute',10...
The issue type is: Backdoor
: PHP/evalfunction.6810
The jamb is in this code:

function php_execute($html){
if(strpos($html,"<"."?php")!==false){
ob_start();
eval("?".">".$html);
$html=ob_get_contents();
ob_end_clean();
}
return $html;
}
add_filter('widget_text','php_execute',100);

Here is a complaint about this code in a child theme.

Previously, I had this code for six months, and nothing went when scanning. This feature displays the latest comments. That is, it adds a widget that shows the latest comments. It also removes the title of the page widget. I don't remember where I found these codes. What articles.
What do you advise to do? Wordfence insists on deleting the entire functions.php file. But for fun, I just removed the code above. After that, he calms down.
What to do: look for other features to display the latest comments or a better plugin? I think through child theme code is better. What do you think? Or keep ignoring Wordfence? Write.