Helpful or not, I'll leave to you, but I believe ISA Server best practices suggest NOT using any file-based AV on an ISA server - that is, AV that protects the host ISA machine itself.
Perhaps based on the assumption you follow general ISA best practices, including a locked down security template, as few access rules involing the Localhost network as possible, and no RDP to the ISA itself - only 'remote administration' from an ISA console somewhere else on the network, and probably most importantly no web browsing from the ISA itself.
See the ISA 'God' Tom Schinder's blog on the subject over at isaserver.org:-
I run ISA 2006 STD on Windows 2003 R2 SP1 as a back-end firewall. I run epo4 internally managing 600 clients. I have not put any Mcafee AV software on the ISA at all, including the agent.
In summary, if your ISA is setup securely, you don't need file-based AV. If your sever has the spare capacity to take the performance hit that comes with VScanEnt 8.5, then it is probably not going to cause you any problems other than opening up the epo agent-server port and your chosen protocol for picking up updates http\ftp\cifs from the loclhost network.
My two pennies worth as an ISA and epo admin anyway! Good luck!
You can use it on the ISA but you have te Exclude all the folders that belong to ISA (Program files, Cache) and SQL server (Log folders etc). Also exclude folders from third party add in software. We use McAfee SecurityShield for ISA Server.