I originally reported this problem in the first beta of 3.8, and it now occurs in the latest CIS release 3.8.64263.468. This issue forced me to stop using the beta and revert to CIS 3.5.57173.439 which did not cause this problem.
The Detect Shellcode Injections in Image Execution Control Settings in Defense+ is the Buffer Overflow Protection that was incorporated into CIS to take the place of the stand-alone Comodo Memory Firewall. Executables that were hogging CPU resources could be very effectively added to the CMF Exclusions list to drastically reduce excess CPU usage. The Detect Shellcode Injections has this same Exclusions option. Just add the running process or executable as an exclusion by clicking on the Add button and choosing Running Process or Browse (to locate the executable) and then add it and see if that doesn’t take care of your excess CPU problem. Back when I had CMF installed, prior to this last CIS Beta, which incorporated Buffer Overflow Protection into CIS, I had to add two or three executables into the CMF Exclusions list to keep CPU usage from getting extremely high. This worked very effectively for me. But since CIS incorporated Buffer Overflow Protection, I have not had to add any executables into the Exclusions list. But that would be the first thing I would try if I found an executable hogging CPU resources.