Hello,
Check the Recommended settings for SEP.
https://support.symantec.com/en_US/article.TECH173752.html
However, in your case, you may go ahead and change the policies Security Risk detections: 1st action / and 2nd action if first fails as "Log only"
Hope that helps!!