Is this a bug?

I have a ROCCAT Kone XTD gaming mouse and have its associated software installed. Any time I run the ROCCAT Kone XTD Mouse Option tool, the Comodo Behavior Blocker pops-up warning me that KoneXTDOption.exe is unsigned and potentially ‘very dangerous’. I’ve had this problem with a couple other such tools and the little “Trust this application” check box usually solves the problem. But not in this case. Not even manually adding the file to the Trusted Files list helps. Each and every time I run KoneXTDOption.exe, the Behavior Blocker is triggered.

I have no idea what is so special about this file, as it is the one and only file that I can recall triggering this behavior in CIS. All other files that I have added to the trusted list have been ignored by CIS. I should mention I’ve tried submitting the file, but it apparently exceeds the size limit. It’s 69.6MB and submitting it results in the following error, 0x800700df.

Anyway, is there any reason this behavior by CIS might make sense?

FYI:

Windows 7 Ultimate x64
Comodo Internet Security Suite 7.0.317799.4142 (AV, Sandbox, HIPS disabled, Firewall not installed)

Have you tried adding an exception here

Not quite sure I understand your question.

[attachment deleted by admin]

Its most likely the software’s hash changes when it saves settings, hence it becomes unrecognized from the one added to the trusted list.

If you have a download link for the software you can make a post with it in the whitelist thread requesting it to be whitelisted. In the mean time your only other options is to add it to the behavior blocker exclusions as sAyer mentioned.