The Policy settings can allow the execution of the remediation part of the policy.
When a detection rule fails (throws an exception error), “Exception” in the rule evaluation means:
This means that if “continue” was selected then commandline would be executed after failing with exception detection check.
By default the job would be aborted with “Not compliant” status.
One can easily tell exception from the conventional “not detected” rule evauation by the presence of errors/warnings in the agent user interface or the logs.
Please note that setting like “Run for each user” will execute the commandline for the 2nd user and further on REGARDLESS of any detection checks (user logs on -> commandline is executed immediately).