which ruleset are you using. In your MWG Policy you have to configure in detail when TIE should be queried. Also, you have to take care when TIE Information should be updated.
You MUST check your ruleset, only executable files should be queried.
Enclosed some hints, may they help you.
- The whole ruleset:
Some more Details:
Note: This ruleset is part of a more complex one, where ATD is also configured. Take care with the last rule, where clean files are reported to TIE.
Have you taken a look into the TIE which files are queried by MWG??
As you can see in the first screeshot, i write a log file for any TIE query. So i can check which file was queried. The log is used to improve the TIE ruleset.
Hope this helps,