App Control: How to Set Exception for False Positive ATI Alerts
Article ID: 289448
Products
Carbon Black App Control (formerly Cb Protection)
Issue/Introduction
False positive alerts are being triggered by ATI rules. How can an exception be set?
Environment
App Control Server: All versions
Resolution
To create an advanced Indicator Set Exception:

1. If the event for which you want to create the exception is not displayed, choose Reports > Events on the console menu and choose the Threat Indicators Saved View. You can also choose an event from another view, but using Threat Indicators ensures that the events shown all have an associated Indicator Set.
   Note: You can also choose the Recent Events link on an Indicator Set Details page to see all recent events for that set.
2. If necessary, change the Max Age value to view older events.
3. When the event for which you want to create an advanced exception is displayed, check the box next to it and, on the Action menu, choose Create an advanced Indicator Set Exception. The Add Indicator Set Exception dialog appears with the Indicator Set and Platform entered in read-only form and the other parameters editable. Note that if you check more than one box, an error message appears.
4. In the Add Indicator Set Exception dialog box, enter an Exception Name and optionally a Description.
5. Edit the other parameters to create the rule you want.
6. When you have finished configuring the exception, click the Save button if you want to stay on the page or the Save & Exit button to return to the Events page.