The default settings of Comodo AV: Do don scan files larger than 20 mb.
But, I think this is a weakness of the AV.
I think, a resident shield MUST scan all infectable files, independent of the size!
So, the AV must scan the large, very large files, too. An AV engine detect the file types and content in the background, and e.g. if the engine found a 4 GB divx compressed avi file (avi=not infectable) skip them automatically.
Why is the default setting is the 20 MB?
The reason why 20 Mb is set by default is because of files are usually not bigger than 20MB.
50 MB is what I recommend for the realtime scanner. If you want to have everything scanned then put 100 or 200 MB for the manual scan.
Even if it wasn’t scanned, and the malware got active while executing the Sandbox would have trapped it, it’s a matter of performance v.s. a certain level of % protection you “could possibly gain”. CIS know’s what it’s doing and they didn’t set 20 for the fun of it.
All the parameters are matched against the detections in analyzed by the AVLabs etc so I would not worry (if your running CIS as it’s supposed to be).