This would typically be done via an automated response in the ePO console.
The local threat detection would trigger an event to the ePO server, which in turn can be used to trigger a response.
One of the response options is to send an email.
Take a look at the default response installed with ePO called 'Malware detected and not handled'. It'll probably get you 90% of where you need to go.
Obviously you'll need to configure the email server in ePO first.
...And take note of the aggregation & throttling settings. You don't want to swamp yourself in emails and this is where you control that.
I think you can use registered executables in automatic responses, so when you register the net.exe in ePO you could use it in ARs.