something about defense+ whitelist

I have a question about the whitelist.
If the program that trusted by the comodo whitelist is expolited by some crimeware.What will comodo do with it ?
Is it still trusted by comodo then my comuter is in danger.
Please help me solve this problem.I’ve read the comodo product help twice,but could not find the answer。

Comodo recognizes files by their SHA1 file hash. Any change to an application will cause the checksum to no longer match and CIS will no longer recognize this file and consider it suspect.

So if any malware infects a whitelisted application, it isn’t trusted even if it’s on the whitelist.

Thank you for your reply,haha