The way that the Comodo Sandbox currently works is that any unknown file will be automatically placed in the sandbox. It doesn’t matter if it’s suspicious or not. In this way no malware, not even the type that seems safe, can actually infect your computer as it will be automatically stripped of most of its its rights.
This, however, leads to the problem of the legitimate applications that haven’t been verified as safe by Comodo also being sandboxed.
The way you deal with this is that when a file is sandboxed you will receive the popup in the lower right corner of the screen telling you the file has been sandboxed and you don’t have to take any action. If you choose to see more details it gives you two options.
Leave the file in the sandbox
Do this if you’re not sure if the file is safe or not.
Never sandbox this application again
Choosing this will add the file to your safe files list. Only do this if you know the software is safe. In this way you will never receive another popup for this file again. Comodo implemented this, along with a few other additions, in order to make CIS more usable for the average user. There are now far less Defense+ alerts that people have to answer.