The issue is fixed in SONAR version 12.4.0. 

As a workaround, please follow the steps below:

1. In the SEPM console, browse under Policies > Exceptions.
2. Choose the exception policy assigned to the affected clients and click Edit the policy.
3. Add C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\<BuildVersion>\Bin64\RegSSHelper.exe to SONAR exclusion, as shown below:

NOTE: The <BuildVersion> should be the correct build number in the path on the target client systems

1. Click OK and OK to save the addition.
2. Apply the policy to the affected groups of clients.