Disable? I would just create a policy that disabled the firewall, IPS, or whatever portion of HIPS and enable it to that group then. Then when you stick systems in that subgroup, that policy will apply to them via ASCI or wakeup, whichever comes first. Is that what your goal is?
If you realy want to disable HIPS on this folder then you just need to disable firewall and IPS through HIPS policy