Trusted malware

I have a malware file and CIS says that it is safe.
It puts it in Trusted Files.
After some time, CAV gets signature for that file but does not detect it cause it is safe file.

Does CIS eventually scan Trusted Files and remove false files automatically or user has to manually execute purge action?

I have had this problem quite many months now. My Defense+ is quite useless because it lets malware through without restricting or sandboxing it. The files can be found aftrerwars from the trusted files list. And this happens when I test it with proven malware.
I have written about it here in forum but without any help. I have tried to disable other background programs in hope that some of them does something that makes the file seem safe to D+, but without luck.
Now I am waiting for v, 6. with completely new systems.

Can you please verify which program’s have ‘Installer/Trusted’ on your D+ Policy.
And is explorer.exe one of them ? or do you use other file managers?

One explorer.exe can be found from trusted files from path C://windows/sysWOW64/explorer.exe. No other file managers used.

Is there anything you do that makes this reproducible?
If you remove it from trusted files, reboot and try again does it get added to the Trusted Files list again?

It has always helpedwhen I have removed all trusted files and the rebooted. D? reacts to some unknown programs and sandboses them. After a couple of minutes usage nothing is sandboxed or restricted.
I can ty something by removing this entry only.