If the zip file is password protected, EOP cannot look inside it, but if the zip is not password protected, then EOP will detect xlsx or docx files inside it and apply the action you specify in the rule.
https://docs.microsoft.com/en-us/exchange/security-and-compliance/mail-flow-rules/inspect-message-at..."The content of these files, which were originally in a supported file type format, are inspected and processed in a manner similar to messages that have multiple attachments. The properties of the compressed archive file itself are not inspected. For example, if the container file type supports comments, that field isn't inspected."