Sophos disabled but still blocking files

Could that be download reputation sending the file for scanning?

If you open up Endpoint Self Help - Enable Debug logging for IOfficeAV:

Relaunch the browser and reproduce the problem.  Then check:

C:\ProgramData\Sophos\Endpoint Defense\Logs\Low\iofficeav.log

What do you see in there?

Here is what it see. It doesn't even have to be at download, it could be sitting there in a folder and it will be removed by Sophos. Here it says manual cleanup required but the file isn't there.

Here is what it see. It doesn't even have to be at download, it could be sitting there in a folder and it will be removed by Sophos. Here it says manual cleanup required but the file isn't there.

I also cannot download it again even with all of sophos disabled on that endpoint.

It says that a scheduled scan completed, that might explain the detections in the list view you are showing.

The value of TaskInfo under:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sophos Endpoint Defense Service\ScheduledTasks\SophosScheduledScan

will detail the config of the scan if it exists.  You can also check

C:\ProgramData\Sophos\Endpoint Defense\Logs\SophosScanCoordinator.log