You are trying to run a command using the PsExec app (sysinternals) via a command prompt with the DLP endpoint agent installed, but receive the error below. The problem does not appear when the DLP endpoint agent is disabled.
"Error establishing communication with PsExec service on [machinename] :
Access is denied"
PsExec.exe ver.2.2 or newer (important as the older version can produce a different output in Getappinfo)
The psexec.exe application should be whitelisted in the Enforce console
The configuration below resolves the issue - using only the binary name "PsExec\.exe":