Create Reference document to explain Risk in detail

[DennisClark]

Various AboutCode applications (such as DejaCode) depend (or will depend) on the Risk value calculated by VulnerableCode. The details of that calculation, both the how and the why, need to be explained in a Reference document in ReadTheDocs format.

I am volunteering to work on that but I will most likely need input from other members of the team.

This is critical for the five-c (5C: Continuous Code Compliance Control Center) project.