The standard seems silent on the actual code to respond with, only that the two lengths MUST match and that HTTP/1.1 agents MUST notify the user.

I would just use the 400 Bad Request code since that is, after all, what the problem is (a request violating the standard) and none of the other 400-series codes seems a close enough match. The x00 codes also define the class of a status so can be used for a generic code.

Keep in mind that the codes are extendable, you can always define your own, and agents that don’t recognise it are required to treat it as an x00 variant anyway (section 6.1.1 of RFC2616):

HTTP status codes are extensible. HTTP applications are not required to understand the meaning of all registered status codes, though such understanding is obviously desirable. However, applications MUST understand the class of any status code, as indicated by the first digit, and treat any unrecognized response as being equivalent to the x00 status code of that class, with the exception that an unrecognized response MUST NOT be cached. For example, if an unrecognized status code of 431 is received by the client, it can safely assume that there was something wrong with its request and treat the response as if it had received a 400 status code. In such cases, user agents SHOULD present to the user the entity returned with the response, since that entity is likely to include human- readable information which will explain the unusual status.