It is quite normal and you should not worry about it . Even in Higher compatibility
mode you remain protected by all NOD32 modules. I some times had such problem with IE6 .
Here is explanation of the modes , from the NOD32 Help file
IMON works in two modes: „passive“ and „active“. In passive (higher compatibility) mode, portions of a downloaded file are continuously passed on to the target application whilst IMON stores a temporary copy of each of the fragments. When the last fragment is detected, the whole file is scanned for viruses. If an infiltration is detected, a warning window appears and the connection with the particular server is terminated. A disadvantage of that is that the already downloaded portion of the file may already contain a fundamental portion of a malicious code. What's more, if the application repeatedly attempts to download infected file, it may use the already downloaded data and request only the rest of the file. In such case, IMON may not find nothing suspicious in the remaining portion.
In active (higher efficiency) mode, IMON first downloads and scans whole file and then passes it on to the target application. This procedure is safer because in the case of an infiltration the application does not receive any portion of the downloaded file. A disadvantage is that the application receives all data at once, therefore it cannot show the download status properly. Therefore, if the download lasts for more than 5 seconds, a small window showing the dowload progress pops up beneath the system tray. Active mode is not suitable for certain types of data which requires a continual data flow (e.g. multimedia, streaming video/audio).