Is Network Threat Protection enabled and installed?
If not, it will not detect those things. Without NTP installed, you basically have SAV 9/10 installed, a 4yr+ old technology!
You should also put Bloodhound set to maximum too.
Search "SEP secret sauce," on google for a list of strongly recommended settings for SEP.