Unfortunately, this has been a problem with this plugin for some time. It is also not very configurable.
Do already have email scanning done at your gateway? If so, this plugin is redundant and you can disable it.
One change you could try is to scan only specific file types - the ones that are more likely to be malicious - .exe, .com, .bat, .js, .cmd, office filetypes, etc.