That doesn't seem to be a problem in any other field of security in the world. If you steal a shirt from a shop you'll get told whether they hace security footage of you stealing, an alarm went off or a security guard saw you.
It might be more convenient for google to not say, but it's pretty disrespectful towards clients that choose their platform to make a living and might get caught as a false positive.
"Your app has been removed because it was found to be malware. Please reply to this message if you believe this to be a mistake." Doesn't help malware authors at all.
They apparently don't offer an easy way to contact someone if there is a mistake or get a human to check the algorithm has correctly identified malware of it if has flagged a legitimate app.
There is a very simple solution. Have a competetent reviewer look at the code and decide whether the intent is malicious or not.
If the intent is clearly not malicious and no rules were broken, the reviewer should file a bug report to fix the virus scanner and reinstate the developer account. No further explanation required.
If rules were breached but it may have been done in good faith, issue a warning to the developer and explain in general terms how to fix the problem. Charge a review fee high enough to deter any abuse of the review system.
It scales just fine if they charge enough to discourage abuse. Also, the law should frankly require them to offer proper conflict resolution if they run one of two commercially viable app stores.
Apparently he had zero trouble with antivirus apps fixing his situation. But I guess Google is so special it can't accomplish what companies with a fraction of Google's budget or manpower can do.
It might be more convenient for google to not say, but it's pretty disrespectful towards clients that choose their platform to make a living and might get caught as a false positive.