I received a notice, as well. I also use NameCheap. I'm assuming that since it is only a read-me file, it doesn't affect functionality of the plug-in. However, I don't want any negative impressions with my hosting provider that my sites are vulnerable to attacks.
Any updates on this issue? Thanks!