Yes, I reviewed that post's 3rd section on Controlled Folder Access, but I think the point I'm trying to make may be misunderstood.
The fact is: Windows Security is detecting CCleaner64.exe attempting to make changes to memory. This is not a false positive in the context you mentioned, as it is certainly and specifically detecting CCleaner64.exe ,. So, why would CCleaner64.exe make this attempt, when the app is not running, has no services running, and has all auto features (updates, notifications, smart check) turned off?
In this case, CCleaner should not be making this attempt and should not be detected by Windows Security at all, for any reason, since the app is not running, has no services running, and has all auto features (updates, notifications, smart check) turned off?