That code in the GoDaddy plugin is intentional but also unsafe. They should use passthru not include so that if the images contained PHP code it would not be executed (bad coding on their part).
You can fix that threat or ignore it, it won’t make any noticeable difference on your site and it won’t affect the HTTPS issue you are having.
You should make sure your “home” and “siteurl” values in the wp_options table match up with what you have instructed google to index in your sitemap. Also make sure there are no .htaccess redirects to the site without the HTTPS if you want to use the secure URL.