If your web scanner flags this header, it is likely just reading the version from the HTTP response. You can disable this header in your web.config file to reduce information leakage.
Historically, vulnerabilities affecting the .NET Framework 4.0 runtime fall into three major high-impact categories. 1. Remote Code Execution (RCE) via Deserialization microsoft net framework 4.0 v 30319 vulnerabilities