I just checked that site with Sucuri SiteCheck. It comes up clean, except with a notice that it's using an oudated version of wordpress.
http://sitecheck.sucuri.net/results/gimpshop.com
Then I checked with Quterra, which reports one potentially suspicious file. Note potentially. But that site, which is based on heuristics, not the presence of any actual malware, is only making a guess.
http://quttera.com/detailed_report/gimpshop.com
Could be it's installing adware. Obnoxious but less vicious than a trojan. See
http://www.thesafemac.com/arg/
If Virus Barrier Express doesn't come up with anything, though not foolproof, I'd probably relax. Besides that, since you are only allowing code signed or MAS apps in, and this guy, though maybe disreputable, isn't fly by night using code signing for a quick hit, that's another sign you can relax, especially if your browser and OS are up to date.
EDIT: Well, actually, there's a caveat with what I said about an updated OS. Both 10.8 and 10.7 haven't received security updates in quite a while. And neither has XProect (the built in anti malware program) since Oct 9. Apple is dragging its feet there. Only 10.9 got patched. But I wouldn't let that make me crazy.