It's possible it didn't have a signature to detect it, submit the sample here:
https://www.symantec.com/security_response/submitsamples.jsp
You should also be filtering these types of attachments at your mail gateway. SEP will only detect the malicious attachment once opened, unless you have SEP's email scanning component enabled.
You can create an application control policy to stop execution of certain file names as well.