Unless...
The files are included in torrents, or e-mailed to a user? You seem to be expecting google to administer the whole internet, which is not their job, they offer some tools to warn you about potentially malicious sites, but end users will frequently click through the warning, or - for the obvious reason - Google won't have a warning in place for that particular site.
(Hint: The obvious reason is that it's impossible to make a system 100% impervious without dedicating a disproportionate amount of staff to it, and having that staff never make mistakes. Google's system, I believe, is automated, and needs to be updated to deal with emergent threats, they can't make it too automatically strict as it will make lots of false positives).