Hello,
Assuming you have eliminated the possibility of a false positive by consulting VirusTotal and Hybrid Analysis, please see answers to your questions below:
1) Check Point have created sk106019 to cleanup infected systems. Feel free to follow it and advise results.
2) There are usually multiple infiltration channels through which malware can be delivered. The affected host could have been infected in a number of different ways; including from internally as well. Since you use Bitdefender for EDR, I would advise that you investigate the delivery method as it should be shown in an illustrated, graphic way (that is something I have done myself in the past).
3) You can remove it with Bitdefender but again, you should also be able to achieve the same result with the sk mentioned in step 1.
I hope this helps.