Upgrde to Configuration Manager 2303 and some packages failing to install because of Applocker

Since I upgrade to Configuration Manager 2303 I'm finding that some packages are not installing properly using the NT Authority\System account that is local on the client machine.

Background: We have had Applocker in place for many years and as per Microsoft best practices one of the rules for exe's is to deny access to C:\Windows\Temp. This has never been a problem with pushing packages to windows clients with Configuration Manager. But since the upgrade some of my packages (which have not changed) are now getting flagged by Applocker and the install is failing.

If we manually install the package with our elevated account the install works fine, but pushing does not. This is also affecting my 3rd Party Software Updates (PatchMyPC), which again was working fine until the upgrade.

I have done a site reset one, but the problem persists THe only way we have been able to get around this is to add publisher rules in Applocker to let the packages to install

As an example I have added a applocker event on a package we have pushed for years with no issues (the package was created 12/2020), but now its getting flagged

Has anyone ever seen this before, or know where I should be looking to figure this out?

thanks...