This doesn't look like much of anything. It's certainly not wget "thinking github is a threat." That cert says it's for subdomains of github.com, not the root domain. He isn't accessing a subdomain, so the cert doesn't apply. If he'd used www.github.com, it would have worked.