Wordfence found this file in my WordPress directory and flagged it as malicious:
Apparently, this has something to do with Installtron. What is it and should I be concerned?
Yes you should be concerned. Does WordFence recommend next steps? You may want to take a backup of your site and manually delete this file.
You then want to check your security of all your accounts and make sure non have been compromised. Let me know if you need some more help. You most likely have an out of date plugin/theme/WordPress core.