When you get an autosandbox alert you may wish to be cautious and keep the file in the sandbox, but not want to be reminded it is there on each reboot or run.
So the autosandbox alert could have an option to ‘Run the program in the sandbox until I say otherwise’. This would simply add the program to the sandbox as if you had added it using ‘Add a program to the sandbox’ with limited, non-virtualised privs. (An option to virtualise it might also be offered?).
This would also help people manage some of the ‘cannot make file safe, so I get repeated alerts’ bugs until these can be resolved.