I have edited the registry, which I can easily do – however, if the fully virtualized software executes and is found to be safe, how do I get that on to my machine (e.g., out of the virtualized area?).
:110:
There is no way you can get it out of Virtualisation yet.
You can safely empty sandbox and you can install/run that application freshly outside virtualisation if you are really sure that it is safe. You can add it to trusted files if you trust it.
CIS always allows user to edit the registry, system files and folders. CIS allows the user to do everything he or she wants (also dangerous actions) however those behaviours are not allowed to unknown programs.
CIS is the nanny of program behaviour it is not the nanny of user behaviour. In short because the user is allowed to do things it does not mean unknown program are also allowed to.