Monday, January 5, 2015

ClamAV detected CVE-2014-8449 in some PDFs. How do I know if it's a real problem?



We run ClamAV on all our user-uploaded files. It's currently giving this message for several PDFs:


<filename...>: Pdf.Exploit.CVE_2014_8449 FOUND


Looking at the CVE, it's for an integer overflow in Acrobat. So what does it mean that a PDF matches a signature definition for it? Has ClamAV detected actual code that would run as a result of the overflow, or could this be a false positive? How would I tell?


If there is indeed malicious code in these PDFs, we'd like to stop serving them and inform the users. But it would be nice to know if these are just a bunch of false positives.




