Update:
First had this issue last Tuesday, 6/12. Disabled IPS on the affected client for the day to allow Veeam backups to complete. On a lark, re-enabled IPS on the client the next day and all was well again without any further action on my part, so I figured it was a transient problem that had somehow resolved itself.
Everything was fine up until today, Tuesday, 6/19, when the issue has suddenly recurred again. Don't know if it's a merely a coincidence that this problem popped up on consecutive Tuesdays, but somehow I doubt it.
Re: adding an exclusion to IPS, how exactly do you do that? It's not an option in my Endpoint Protection policy, nor do I have a discrete IPS policy that I can edit.
Just out of curiosity, are IPS signatures updated daily? I'm trying to understand how IPS and a backup app would coexist peacefully for six months, then IPS would suddenly object a backup operation, then be OK with it, then suddenly not again, all on an otherwise stable client.