I use Wordfence plugin which scans server side plugins with original plugin files to see if anything was modified by hacker/cracker. Today I got a warning and it shows these modifications on /w3-total-cache/lib/W3/Cache/File.php
should I be worried? Last time I read there is a W3 exploit going around.
That security hole in W3 Total Cache was associated with data leaking through an exploit, and not explicitly with hackers changing code (that could happen afterwards, of course, but what you show isn’t this). The exploit has been fixed so just make sure your plugin is up to date. If unsure, disable / delete the plugin, then reinstall afresh from the plugin repository.
That isn’t to say that you haven’t been hacked, of course. Look for other signs, like core files with dates different to neighbouring files, folders that shouldn’t be there, etc. Have a read of the hacked FAQ on wordpress.org for starters.
No one can give a “no” as an answer without inspecting your installation, but many times security breach will manifest in theme files and not plugin files (if at all, sometimes the hackers just want to place and serve malware from your server without affecting your site).
When a plugin has an exploit it doesn’t directly follow that its code can be changed, so even if your W3CT files were changed it doesn’t follow that it is because of an exploit in that plugin. If there is an exploit it might be in another plugin, in the server, or in the admin’s computer.