It is hard to do with Agentless. With Multi-platform, it is possible to exclude any files that are signed by a trusted Microsoft certificate. That will bring down your scan time considerably. Unfortunately, that is not possible with Agentless since the VMware driver does not support publisher exclusions. The only exclusions supported are based on filename or filepath. I am not sure if that will help you prune what you scan.
Yeah, I'm a bit disappointed with the opacity of Agentless. It doesn't have MVADMIN like MOVE MS has which I find odd. MOVE support also wasn't able to tell me if increasing the cache count would benefit me or the pros/cons for it even at a basic level. they were able to tell me that once the ODS scan window ends all scanning ends too. if a file is currently being scanned it will finish but no additional files will start scanning. this allowed me to add an additional hour of ODS scanning in since I had previously though that if an ODS kicked off before the window closed, it would run until the scan was complete or until the scan timeout hit. but that's not the case, if the ODS window ends the scans end as well regardless of the scan timeout. which is a bit interesting, because if I look at ePO ODS queries, I can see new scans kick of 3 minutes before the ODS window ends, then an hour later (60 minute scan timeout) I see the logs show the scan was cancelled due to the scan timeout. so it seems the ODS window will stop scanning, but the scan will still be considered on-going by ePO and there's no log status that indicates the ODS window closed. not a big deal, but if you're tuning based on logs like I was it's a bit misleading.