Ah ok, I think I know what causes the pop-up.
We sign the BoxCryptor.exe executable with our code signing certificate and also timestamp the signature - this is required to have a valid signature, even after the certificate expired. We use the timestamping service provided by Verisign/Symantec and I think these connections are made to verify the signature timestamp (and are actually performed by the operating system, not by BoxCryptor).
You can find more information here:
Timestamping ensures that code will not expire when certificate expires. If your code is timestamped the digital signature is valid even though the certificate has expired. A new certificate is only necessary if you want to sign additional code. If you did not use the timestamping option during the signing, you must re-sign your code and re-send it out to your customers.