Syncio Blog - ISA
little tiny electrons
 
 Wednesday, June 18, 2008

Using the FPCCacheContents Object I was able to force-cache any file I wanted for any duration I wanted. 

1.  I downloaded Cain&Abel executable from source #1 and Kaspersky blocked it.  I verified that traffic was coming from source #1 with Wireshark.
2.  I force-cached Cain&Abel executable from source #2 to avoid IE caching or anything that might invalidate this test.  The item now exists in ISA cache.
3.  I downloaded Cain&Abel executable from source #2 again.  I verified that traffic was indeed coming from ISA Cache with Wireshark. 
I turned up KAV log files to Debug and verified that the Cain&Abel executable had not been flagged the first time it was downloaded.  Kaspersky blocked Cain&Abel from ISA Cache.
 
Conclusion:

  • HTTP Kaspersky engine interfaces with cache and routed requests. 
  • Anything can be forced into ISA cache.

See the ISA Monitor Utility for cache control.  http://sync-io.net/IsaTools.aspx

Wednesday, June 18, 2008 7:15:11 PM (GMT Standard Time, UTC+00:00)   ISA | Malware
 Wednesday, April 23, 2008

I recently came across MalwareDomains.com.  They provide a list of domain names that have been associated with malware.  The list contains over 21000 valid entries and I have decided to integrate it with ISA 2006 since it's rare to find such a free resource that is actually kept up to date.

The import tool is available here: http://sync-io.net/IsaTools.aspx

Basically, you're able to import the domain.txt file into ISA as a URL or DNS set.  Then you just set your deny access rule and away you go.  This utility can run as a scheduled task.
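Because the import can run unattended and feeds a deny rule, it is worth validating the list before it reaches ISA. The following is an added example, not the code of the import tool linked above: it assumes the list is tab-separated with `#` comment lines and the domain as the first non-empty field, and the allowlist and shrink threshold are hypothetical parameters.

```python
import re

# Constructed sample in the assumed layout (tab-separated, '#' comments,
# domain is the first non-empty field). Not real list content.
SAMPLE = (
    "## constructed sample, not real list data\n"
    "\t\tbad-example.test\tmalware\tsource-a\t20080401\n"
    "\t\tBad-Example.test\tmalware\tsource-b\t20080402\n"
    "\t\tcdn.evil-example.test\tphishing\tsource-a\t20080403\n"
    "\t\ttest\tmalware\tsource-c\t20080404\n"
    "\t\tnot a domain\tmalware\tsource-c\t20080405\n"
    "\t\tintranet.corp.example\tmalware\tsource-c\t20080406\n"
)

LABEL = re.compile(r"^(?!-)[a-z0-9-]{1,63}(?<!-)$")

def is_hostname(name):
    labels = name.split(".")
    # Require two or more labels so a bare TLD can never become a deny entry.
    return len(name) <= 253 and len(labels) >= 2 and all(LABEL.match(l) for l in labels)

def build_deny_set(text, allowlist=()):
    """Return (entries, rejected); entries are sorted, de-duplicated hostnames."""
    allow = {a.lower().rstrip(".") for a in allowlist}
    entries, rejected = set(), []
    for lineno, line in enumerate(text.splitlines(), 1):
        if not line.strip() or line.lstrip().startswith("#"):
            continue  # skip blank lines and comments
        fields = [f.strip() for f in line.split("\t") if f.strip()]
        name = fields[0].lower().rstrip(".")
        if not is_hostname(name):
            rejected.append((lineno, name, "not a hostname"))
        elif any(name == a or name.endswith("." + a) for a in allow):
            # Never let a third-party list deny access to our own domains.
            rejected.append((lineno, name, "allowlisted"))
        else:
            entries.add(name)
    return sorted(entries), rejected

def safe_to_import(new_entries, previous_count, max_drop=0.5):
    """Refuse an update that would shrink the set by more than max_drop."""
    return previous_count == 0 or len(new_entries) >= previous_count * (1 - max_drop)
```

The rejected list is meant to be logged by the scheduled task, so that a malformed or truncated download is noticed instead of silently replacing the existing set.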

Wednesday, April 23, 2008 1:09:16 AM (GMT Standard Time, UTC+00:00)   Malware | VB.NET | ISA
Copyright © 2009 Chris Misztur. All rights reserved.