(Not sure if a bug.) It looks like jd's "Upload Files" via the backend requires that the upload directory lives within JPATH_ROOT, due to the call
$targetDirCleaned = JPath::check($targetDirWithSep);
But this isn't checked for when the upload directory is configured in jd's "Upload directory path". Also the "auto discovery" of new files manually uploaded to the jdownloads upload area, and the front-end upload procedure do not check for this.
Could I suggest this check isn't done, as there are good reasons to have the upload directory outside of JPATH_ROOT.