1. What actually happened or you saw:CCAV currently doesn't protect against fileless malware:
If by fileless malware protection like the one you get with CIS then I don't think they have implemented it yet. e.g. when a trusted application running outside the sandbox is exploited to run commands passed to interpreters such as command-prompt or powershell.
2. What you wanted to happen or see:Add an option (in Advanced Protection Settings) similar to "Do heuristic command-line analysis for certain applications" already available on CIS/CFW
3. Why you think it is desirable:To improve protection
4. Any other information, screenshots etc:See attachment