We deploy MCC installer (created using "New System" in ePO) via HPSA (Opsware). After it is installed, its then managed in ePO. You could apply policy/rules from CLI via script and push script with GPO. However the product is almost useless without ePO to collect the events generated. If you sole purpose is to prevent unauthorized execution of programs then I think you are using a sledgehammer to take care of a small nail.