apt-get update && apt-get -y upgrade
as David Favor told you above, at least once in a week.
Is there a way to do that without using up too many resources?
zgrep FANOTIFY /proc/config.gz
The only way to maybe get this to work will be to compile it yourself.
You could take a look at ClamAV - http://www.clamav.net/ - Free
I've been using it for years on my mail servers and to scan my servers.
Avast has a Linux offering - https://www.avast.com/en-us/linux-server-antivirus - Be warned though, It's 159.99 per year
I've never used their Linux protection, but Avast has never let me down with Windows protection. Worth looking at IMO