Deactivate and delete. The plugin is closed and no more maintained.
mirphak discovered and reported this Cross Site Request Forgery (CSRF) vulnerability in WordPress CalderaWP License Manager Plugin. This could allow a malicious actor to force higher privileged users to execute unwanted actions under their current authentication. This vulnerability has not been known to be fixed yet.