Sorry for the confusion. You have something of an atypical situation, that is leading to a judgment call on your part.
Normally, learning mode is used for a little while, allowing CFP to create a list of allowed components. During this learning mode, those components are presumed good. Then, later, CFP is “turned on”, and any unlearned component will be questioned, and you’ll get a prompt/alert to say it’s okay, or not.
But, having run learning mode for a very long time, all those learned components are now presumed to be okay. But are they, really? If even one is not, and you “turn on” CFP, then that component is an opening into your machine which you think would be secure. Staying in learning mode still leaves the opening, but you know it is not doing the blocking that it would otherwise be doing.
So, you have a judgment call to make: do you trust the list of components that CFP has learned?
If you do trust that list, all of it, each and every item, then you can “turn on” CFP.
If you don’t trust that list, then staying in learning mode won’t hurt you beyond what is already on your machine, and is a reminder that CFP blocking is not set.
Does that help?
At worst, you could make note of what your CFP network rules are, then uninstall CFP, then reinstall CFP clean, and turn everything on to begin with. That would remove everything that has been learned so far, so there wouldn’t be the question. CFP would block/prompt/alert you to everything happening, which could be a bit overwhelming for a day or so. It would allow CFP to have a known good list of things allowed on your machine.
That’s some bit of work, and annoyance over several days, but it would have CFP at full strength protection.