Trusted files put in sandbox

I’ve been using CIS for sometime without any problems but today it has started putting program files like swriter.exe and soffice.exe ccc.exe (ATI) into the sandbox.

I don’t understand why this is happening when I have been using Open Office again for sometime.

The ATI catalyst suite gets updated monthly. ATI/AMD does not digitally sign ccc.exe ( I checked on my own system) so it is not whitelisted by signature.

Since it gets updated the cloud look up will always be running after the facts. I checked with Catalyst 11.3 and ccc.exe is considered safe; I did a look up from View Active Programs and it said it was Safe.

What happens when you do a look up for these two files? Do these files run from a disk that is in your computer or from an external disk (USB drive, USB stick, network location, encrypted partition)?