Really a hit and miss. Example. I was using JavaRA. Which is a well known program and is trusted. I set D+ to trust the application. I noticed in computer security policy. It is set back to Custom. Why is it doing that? I put it back to trusted application and had to reboot my pc for another reason. I look again and it is right back to Custom.
The trusted application is allowed to do anything except run an application. If defence+ is learning and considers your application safe it will learn every time your application run another program. If it does this it will become custom as it need to add the extra permission but I don’t think this makes it any less trusted.
Is this what is happening?