My understanding is the company is legit and serves businesses in managing their cash flow. If you have not signed up with them for your billing needs, there is no reason for them to contact you. If you made a payment to a company that had signed with them, there may be a reason for the email, though I doubt it.
It is a legitimate business so you might try to contact them (
Contact Bill.com | Customer Service | Sales | Request More Information | Bill.com) and ask about the email and ask if the email address you received is real.
edit: LeeH posted as I typed and I agree with his assessment. This is a variation on a scam to install a virus on your computer. Trash the email.