It's very possible that another security product would interpret WSA's reading of the file as an execution. WSA was doing the same for quite some time for MBAM but we added logic to avoid it.