I would've gone with using our default AP rules, then decide if you want/need further AP rules after a time.
This blog will help with some understanding of the feature: Access Protection - How To...
In reply to your immediate need, you have enabled rules we do not enable by default. Rules not enabled by default typically require tuning - possibly a lot of tuning - because there may be literally hundreds of applications in an environment that violate them and we haven't the time or knowledgebase to know what all the legitimate apps are vs. potentially malicious, and also because some processes that you may need to exclude could render the whole rule pointless so we don't exclude them... you might have to.
It's up to you if you want to exclude all those processes reporting back with violations, knowing that if you don't, when you switch the rule to block you could end up breaking those applications (until the rule is disabled, or the affected process gets added as an exclusion to the rule - it would be a very delicate app where Access Protection could actually break it ).
Another long-term option is to make recommendations to the vendor of the app, asking them if it's possible for their app to not do things malware has been known to do. They may give you a few choice words in return, like you're asking the impossible, and sometimes they'll be right.