After upgrading to SEP 14.3 RU4 you start to notice Tamper Protection Events from MSIEXEC.EXE
Release : 14.3 RU4
Component : Tamper Protection
Enhancements were made in SEP 14.3 RU4 so that unsolicited calls to have Windows Installer modify SEP are blocked: E.G. someone running MSIEXEC.EXE from a command prompt or via script.
In case of legitimate usage of cmd\script\SCCM to uninstall software in the infrastructure, it will be needed to add a Tamper Protection Exclusion for MSIEXEC.EXE.