DLP Agent blocks actions in application that is whitelisted.
DLP agent has a feature of monitoring child processes that is enabled by default.
Example:
You have AFAC enabled in Global Application Monitoring for Google Chrome.
You have whitelisted MS Word for detection to ignore any activity in this application.
You download *.docx file with Google Chrome and open it from the Chrome Downloads section.
If *.docx file content triggers any policy you will get an incident for MS Word.
In this case MS Word will be stated by Google Chrome and is considered as a child process.
Google Chrome detection rules and filters will be applied in this case.
Windows
Child process monitoring is enabled in Agent Configuration.
Open Agent Configuration -> Advanced Settings
Set FileSystem.MONITOR_APPLICTION_CHILD_PROCESS_FILE_ACCESS.int=0
It will disable child process monitoring in detection.