From the sounds of it there are two issues occurring:
1. Applications are not able to parse the proxy.pac file, resulting them to pass through the proxy for internal sites, which is unwanted behavior
Perhaps other peers on the Community can shed light on behaviors observed with applications not parsing the proxy pac properly.
2. Need to exampt those applications from authentication on a wider scale
This is outlined in a KB article on kc.mcafee.com, if you are a registered user, search for 'KB64005'. This article outlines how to exempt URLs or Applications from authentication. In your case you have stated that you are already exempting URLs from auth, but in this case you may be able to do it based on the User-Agent, you will just need to find the User-Agent string for which that application uses. This can be found in the access log, which can be viewed under Reporting > View Log Files, then click the view icon for the desired access log.
As a side note, when using the KB, on step 4, bullet point 1, use User Name, instead of Group Name.