MicrosoftReza_Ameri It's not about false positives.
CFA uses a pre-defined whitelist, not a blacklist like most AVs use, false positives don't apply to it.
And I'm not sure if you used it before but it's not a system-wide feature, it is only designed to protect specific folders. By default, it only protects certain user folders. So, it is very much practical to use Controlled Folder Access to protect sensitive folders only and using it after a ransomware attack hits is obviously a very insecure and bad policy. It's like saying I don't use antivirus and I just wanna wait till one of my network computers gets infected and only then I will turn on antivirus on the rest of my computers, hoping my command to activate the antivirus will be faster than the malware spreading. lol
