Hello,
You please share us the Risk logs from the SEP client / SEPM ?
Also, please let us know the name of the Risk detected, path and file name?
Is the risk being detected only on 1 client or a number of clients across the network?
In case, this is in reference to the DWHxxx.tmp? Check this Article:
tmp file (DWH*****.tmp) detected as Trojan.Gen or Trojan.Gen.2 by Corp products
http://www.symantec.com/business/support/index?page=content&id=TECH102953
Hope that helps!!