We got a small problem, while we are installing software on our servers (a thing that happens infrequently), we are faced by a very high cpu load with mcafee threat prevention services. We though of disabling on write scanning or excluding the installation files, but this might really put us in security risks. We face the problem while updating the servers to with Microsoft Update. We also thought of adding the specific certificates and signatures of Microsoft and the vendor software, unfortunately we are unable to figure out the way to do that, and we don't know if this will actually solve the issue. For now we are disabling on access scan when installing new software and enabling it afterwards.
Thanks a lot everyone.