These programs acts as a web server, and for this reason, they are included by malicious users in bundles of malicious program in order to gain remote access to victim machines. They are not malicious.

If a user has installed such a program on his/her computer, or if it was installed by a system administrator, then it does not pose any threat.