Hacker News
by Strom 4289 days ago
Those zips are encrypted, that's why. I have included links to the unencrypted results [1,2], with ~80% detection rate. Notable green checkmark by Microsoft, perhaps FinFisher made extra sure to not get caught by Microsoft's heuristics?

[1] https://www.virustotal.com/en-gb/file/f827c92fbe832db3f09f47...

[2] https://www.virustotal.com/en-gb/file/0b465877a998a993a64a14...

1 comments

Microsoft too detects them now. Too late, but at least they are updating their signatures fairly rapidly.

Interestingly, both files were first uploaded to VT in 2010, meaning that AV vendors have had chances to analyze them.

Malware vendors usually use these services to test their load. They wouldn't release anything that would get detected on day 0. And I think antivirus vendors do more in-house analysis only if there are reasons to - such as votes from users, or other AVs detecting the sample.