I agree. I haven't used CIS for a while now so unsure how "File Rating Settings" is setup compaired to CCAV.
I still think both types of antivirus (CAV and CCAV) should be integrated within one Antivirus module (component) as they both offer different styles of detection (local vs online), although with the default sandbox feature, you could do away with the offline version.
i think currently in ccav there isn't a file rating --> cloud lookup because everything is done by the realtime cloud av.
so, in ccav files are checked online whenever you download, select, copy or move it. in cis (or better, in cfw) files are checked online only on execution, when you try to run it.
that's why cfw is so lightweight compared not only to cis, but also to ccav.
has anyone tried to use ccav with the realtime av disabled? how a file is deemed good, bad or unknown? only by the local trusted vendor list?