It would only require the disabling of some of the AV services.. and the core Process (assuming windows here)..
D/L the new RAT/Trojan ..Install.. now you just need to disable the AV .. several Virus have done this.. Yaha being one member of that family.. Once running the virus allows the AV (I have seen this with NAV) to appear to be runniing.. .. but it won be updating..
Now if your placing a RAT.. weeeeelllll. why not just emulate the AV.. the odd fake find and the user has a false sence of security..

dat help?

Or this.. the defs are in a data file usuely in the AV Program Folder.. I,M sure you could find what your after in there.. edit the data file.. poof .. knackerd av def file..

probably easier said than done.. have never played in that part of the park..