This is the link request attribute in the FileVersionInfo class that he is talking about:
[PermissionSet(SecurityAction.LinkDemand, Name="FullTrust")]
This is well documented in an MSDN article, but it is not always easy to overwrite an FxCop message. I personally find Reflector quite handy to sort this out.
The need for a link is a very cheap demand for runtime validation. It is executed at compile time only on time, only once and only checks the permissions of the immediate caller. A possible security leak is due to the fact that later your resource may be called by another code. Such code will not receive the same request, because your property does not have an attribute and it is already a fraction. You must apply the same security attribute.
This will only be a problem if such code works without FullTrust. It is difficult to come up with such a scenario, you will need to create your own sandbox and set your property on such a sandbox. In case you are wondering about the impact of security on the ability to check the version of a DLL: to know exactly which version of the DLL is used by the program, it is very important to determine the attack vector.
FxCop is not smart enough to detect such scenarios. It really is a tool that just emits warnings about things you might miss. And you probably did it. CAS is otherwise quite difficult to understand, I struggle very much. And everyone else, because of this, it is deprecated in .NET 4, replacing it with a syntax model for security. Wise move, security that is incomprehensible, unsafe.