This generally happens when a patch 4/5 upgrade is pushed over an unsupported upgrade path, patch level 0 (RTW) or 1. The patch upgrade will fail and the registry key will get stuck at 8 which no longer enforces policies from EPO for VSE and reports as not being installed. If you check your Windows\Temp\McAfeeLogs directory on the client you will usually see a lot of patch4/5 install logs which indicates an attempt to upgrade during every daily update. The easiest fix is to send an uninstall task for VSE to all of your systems showing no VSE installed and then push the latest full install after that is complete.
If this is the case make sure in the future you upgrade your product patches to the minimum required patch levels before checking new patches into the current branch. The release notes for patches will state the minimum patch level required to successfully upgrade.
Thank you for your quick reply. I will be testing this in DEV this afternoon.