My understanding is that this siganture will block all executables except the ones in the exception rules.
Not all executables will be blocked. Any exectuables listed in the Trusted Applications policy will be allowed to run. Any other exectuables that you need to allow to run, you should create an IPS exception for those exectuables and Signature 6011. Also please note Host IPS Best Practices for policy assignments in the Product Guide.