How would you recommend handling false positives that stem from backported patches?
For example, Nessus use their custom backport.inc (https://community.tenable.com/s/article/How-does-Nessus-Handle-Backported-Patches) to convert detected banners to their ‘real’ equivalent, is there something similar that I could do with OpenVAS?
If you run a authenticated check, you can activate auto-false positive. If a back port is detected, the result will be automatically masked as false positive. Additional Quality of Detection helps you to deal with banner detection by filtering to only relevant results with a high QoD score. Please note GVM does contains this features OpenVAS is EoL.