Outlook Auto-Protect is configured as follows:
-Scan All Files
-Scan within Compressed Files (6 levels deep)
-First Action: Clean, Second Action: Quarantine
-Display Notification Message on infected computer
I think the key here is your quote "provided the file is accessed/modified". The user never tried to access the file attachment. He forwarded the email to me, then I saved the .zip attachment to my drive. I use Thunderbird, not Outlook, so Outlook Auto-Protect would not have kicked in on my machine.