Im using ESM 10.2, how can I create an actions(command) to invoke deletion of the detected trojan/malware? via ESM
You can use the remote command feature. You will probably need a tools server/jumpbox to execute the remote command on. Remote Command can use SSH and run your script on your tools server.
Use ePO tagging. lots of docmentation available. Create an Alarm, associate alarm to ePO Tagging, that will automate for you.