After analise this issue, we understand that the Qualys Appliance do not validate version of application or the RFC 5746 applied, to indicate that is vunerable.
The single test executed is: if reply to Renegotiation or Not.
Where the correctly is validate the response:
"Secure Renegotiation IS supported"
"Secure Renegotiation IS NOT supported"
And version of the application.
I am correct?