In our findings scanning the c:\users (os dirve\users) folder almost all the scans find something is that folder. The SEPM clients scan policy custom is missing a way to scan that folder by policy. We need to use command to scan that folder. Using external ways (task schedule).
My recommendation Allow SEPM clients scan policy custom to Scan c:\users folder, This will reduce administration efforts to achieve this.