App Version: 220.127.116.11
Malware database: 2019.08.28.01
Phishing database: 2019.08.29.07
So, in further testing, I'm not sure this actually is anything to do with my domain specifically.
It doesn't seem to trigger on the entire domain in general, only the exact second you type out certain URLs containing "invoices", so the one on my own site " hxxp://crm.oxifresh.com/invoices/edit", type the the last "t" and the popup shows up, you don't even need to hit enter and navigate to the site.
I was also tellingly able to reproduce this other domains, like say "reddit.com/invoices", hit the last "s" and it pops up:
Some kind of overzealous protection bug?