Owner here. Some tests are just checking the root / to test the server. If the / directory is served by a scripting engine, the vuln related header will not be processed. So the checker will say "Cannot discern patch status of .... This most likely means it is not vulnerable.". But no. It may be vulnerable. Just check that site with my app, and you may see the difference. My test code tries to find a static file, and sends the request to that static file.