Downloaded quarantined file from client with Endpoint Protection Manager is not the original file
Article ID: 272001


Products

Endpoint Protection

Issue/Introduction

You want to remotely download a quarantined item from the affected client with Symantec Endpoint Protection Manager (SEPM).

You have made sure that the "Upload quarantined files from the clients" option is checked.

There is a task in the command status view showing a successful download of the file.

After running "Download file that the client quarantined", you receive a file whose name is the hash of the quarantined file, and the file content is encrypted.

Environment

Release: 14.3

Cause

This is per design.

Resolution

The downloaded file is named with the hash of the originally quarantined file (computed before the SEP client transformed it with an XOR operation), but its contents keep the XOR transformation. There is no way to download the malicious file in its original form; the download is always the XOR 0x80-encoded file.

The file should be moved to a testing environment and handed to the responsible Security Team. Once it is in the desired (isolated) condition, the Security Team can use any script or third-party tool to reverse the XOR 0x80 encoding and restore the file to its original state.
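The decoding step above, as an added example and not a script from the article or from Symantec: every byte of the download is XORed with 0x80 (the operation is its own inverse), and the result is checked against the hash carried in the file name. Which digest algorithm SEPM uses for the name is not stated on this page, so the check tries MD5, SHA-1 and SHA-256 by digest length; the sample bytes are constructed.

```python
import hashlib
import tempfile
from pathlib import Path

XOR_KEY = 0x80  # single-byte key the article says the SEP client applies


def xor80(data: bytes) -> bytes:
    """XOR every byte with 0x80. Applying it twice returns the input, so the
    same function decodes a downloaded quarantine file and re-encodes it."""
    return bytes(b ^ XOR_KEY for b in data)


def hash_matches(decoded: bytes, name_stem: str):
    """Return the digest algorithm whose hex digest of `decoded` equals the
    file-name stem, or None. The algorithm is an assumption: MD5, SHA-1 and
    SHA-256 are selected by the length of the name."""
    by_length = {32: "md5", 40: "sha1", 64: "sha256"}
    algo = by_length.get(len(name_stem))
    if algo is None:
        return None
    digest = hashlib.new(algo, decoded).hexdigest()
    return algo if digest == name_stem.lower() else None


def decode_quarantine_download(src: Path, dst: Path):
    """Decode one SEPM download into `dst` (inside the isolated analysis
    environment only) and report which hash, if any, matched the name."""
    decoded = xor80(src.read_bytes())
    dst.write_bytes(decoded)
    return hash_matches(decoded, src.stem)


if __name__ == "__main__":
    # Constructed sample: a fake "MZ" header and padding, encoded with XOR 0x80
    # and saved under its own SHA-256, mimicking the file SEPM hands you.
    original = b"MZ\x90\x00" + b"\x00" * 60
    name = hashlib.sha256(original).hexdigest()
    with tempfile.TemporaryDirectory() as tmp:
        src = Path(tmp) / name
        src.write_bytes(xor80(original))
        out = Path(tmp) / "decoded.bin"
        matched = decode_quarantine_download(src, out)
        print("decoded bytes match name via:", matched)          # sha256
        print("first bytes:", out.read_bytes()[:4])              # b'MZ\x90\x00'
```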