Many processes/applications seek to accomplish a task with more privilege than they actually need.
If that privilege is not allowed by the Access Protection rule, you'll be warned about it (or it'll be blocked).
For example, Zen Asset Management is reading a number of registry values covered by Access Protection.
And it is doing so with enough privilege to also Write to those values. It doesn't need to but that's what it is doing.
ProcMon shows you what actually happened, that it only read data. Access Protection saw that it could've done a lot more than that, and warns you.
Thank you for the information.
If that's really the case, then McAfee seriously needs to update their code to put the PROPER information in the log files. The AP Log file clearly states that programs X are trying to WRITE data when in fact, they are not.