Hi Marcos,
that is somewhat correct, more precisely I don't want any detections to be triggered on files in a certain folder.
So this folder is completely whitelisted, and skipped by the detections module completely.
There is a bit of software that uses this folder and whenever it receives an update this triggers the detection engine.
Each time an update is received its unpacked to this folder, the hash and file name differ each time a new update is unpacked in that folder. so I cant really exclude it by name or hash. Therefore was looking how to whitelist the whole folder.
Detections are triggered with a cause:
Win32/RiskWare.nameofprogram
or with
Suspicious
Hope this makes sense, I can provide more info if needed.
* edited some typos