If its a trialware version then it might be sending data back to its server which Symantec would find suspicious and would Detect it..
To allow it..
If your client is self managed or in Client control mode then
Open SEP client--Change Settings--Proactive Threat Protection--Commercial Application --Keylogger
Change the action to Ignore or Log.
If you want to do it from SEP Manager console..
Then do it from SEPM-Policies--Antivirus policy--Truscan Proactive threat scan--