In general, Why do some exe files get scanned and some don't?

Hello Daniel Hayes1,

I'm not Sophos staff, just my two cents

there are a lot of exe file being scanned in the cadcam software all the time
how did you arrive at this assessment? Files are only scanned in response to an open or close and only if they haven't been scanned before. Of course some evaluation is always necessary to assure the file has indeed not (been) changed.
digitally sign
is a good idea. Naturally the signatures have to be verified.
is there something a software developer has to do
I think it's not has to do but rather should avoid. Most software has no problems with AV thus it's more likely that "unfortunate design" is the cause.
sees it as something safe and does not scan it anymore
does not scan is not possible. At least a file's integrity must be checked each time it is opened.

Summary:
It's likely something in the architecture of the cadcam software that triggers this excessive scanning. If so there's no short-term solution other than setting exclusions. This shouldn't be done lightly. The "classic" scanning  is becoming a thing of the past though and this problem should disappear but there's no guarantee that this cadcam and whatever security software go well together.

Christian

Hello Daniel Hayes1,

I'm not Sophos staff, just my two cents

there are a lot of exe file being scanned in the cadcam software all the time
how did you arrive at this assessment? Files are only scanned in response to an open or close and only if they haven't been scanned before. Of course some evaluation is always necessary to assure the file has indeed not (been) changed.
digitally sign
is a good idea. Naturally the signatures have to be verified.
is there something a software developer has to do
I think it's not has to do but rather should avoid. Most software has no problems with AV thus it's more likely that "unfortunate design" is the cause.
sees it as something safe and does not scan it anymore
does not scan is not possible. At least a file's integrity must be checked each time it is opened.

Summary:
It's likely something in the architecture of the cadcam software that triggers this excessive scanning. If so there's no short-term solution other than setting exclusions. This shouldn't be done lightly. The "classic" scanning  is becoming a thing of the past though and this problem should disappear but there's no guarantee that this cadcam and whatever security software go well together.

Christian

How did you arrive at this assessment?

The problem is on the Cam Side of things 99% of the time . when we make a tool path in cam software this can take many exe file to make this 1 tool path, each tool path creates 10 - 20 new files , I may have to make 10 , 30, 300 tool paths you just never know how many it will take to process a job.
and on top of that, we use multi-core CPU processing, meaning we can compute up to 4 tool paths simultaneously. Now you can understand how many files are actively being created simultaneously.

We have run test to check the processing time with AVP on and then Off, With AVP on No exceptions it was 1.5 Hr , re computing the same project with AVP on with exceptions set. The time was 45 minutes.

People don’t want to set exceptions because it makes holes in their systems, so this is why I am asking about files being scanned all the time.  

Hello Daniel Hayes1,

I see. The number of files isn't that high I'd say, that is, if each is written in one go. If several open-write-close cycles are needed to create an exe the slowdown is not really surprise. The other reason I could think of is a resource (e.g. CPU) contention.

People don’t want to set exceptions
Normally the scanning overhead is not high, often not even perceptible. In situations like this one adjustments are necessary and if you can't change the workflow or tune the system exclusions might be necessary. A process exclusion could be suitable. The name is perhaps misleading, what it does it that it exempts those files from scanning that the specified process accesses.

Christian