Have you check the certificate of the problematic client?
We already encountered that scenario of rolling back of installation of AV. find out that the Certificate is incomplete. To check
- Open Internet Explorer
- Tools > Internet Option
- Content > Certificates
- Trusted Root Certificates
I dunno what certificate is but, if your certificate is less than 20 maybe your policy keeps on blocking on the certificate that your Antivirus might need to proceed installation.