Moving to VSE as this is more about AP configuration than ePO - thx.
I think you are referring to AP blocking files from running from the Temp folder. I have seen this behaviour in the past, and the way is to create the new name of the file which is trying to run from the Temp folder. I think this is a bit of a pain, but since this rule is not enabled by default and it is something that you have enabled (extra protection), exclusions must be made to balance security and functionality.
Exclusions on a username basis are not possible.
I would not disable AP, as doing that opens a security hole. Try to create exclusions that you really think must be created.
Please let me know if you need more help.