If you are running Kali inside Virtualbox inside Windows then the network traffic from Kali passes through the network stack of Windows - and thus through the traffic analyses from Avast. Since it is still common that the packages are transferred using HTTP and not HTTPS (with the argument that they are signed anyway and thus modifications are detected) Avast can thus detect a download of Mimikatz.