It is easier to find virus origin if Risk Tracer is able to identify remote computer.
Currently it cannot identify the remote computer
Not sure what you mean? This is the point of risk tracer
About Risk Tracer
What is Risk Tracer?
How to use Risk Tracer to locate the source of a threat in Symantec Endpoint Protection
Click the "Mark as solution" link at bottom left on the post that best answers your question. This benefits admins looking for a solution to the same problem.
Thanks for the above links.
Risk Tracer lists a source as unknown when the following conditions are true:
In your case this is because the file was downloaded first. Than attempted to execute. It was local so there was no remote IP