When attempting to encrypt folders in windows that contain .exe's and scripts the following CSA rule fires and blocks access:
Configuration > Rule Modules > Windows Rule Modules > Windows LSASS Security Module [V5.2 r245] > Rules File access control 
We don't want to fully disable this rule. Is there a workaround that will allow EFS to work without fully disabling the rule?
I haven't been able to decypher the difference between EFS encrypting a file and any other type of lsass.exe file writes..