Current versions of SEP do not support exlusions on user's profiles per %userprofile% wildcard or similar - you would need to exlude each specific user profile folder separately - providing the full path to it.
As to your questions if it is safe to exlude userprofiles directory completely - definitely not. Many threats tend to nest in the user profiles - specifically in the temp folders such as temporary internet files for IE or Outlook or similar. Exluding these completely can put your systems as risk.