The process shown generating the events is ccmexec.exe.
SCCM is configured to index executable or other files in the environment. When the ccmexec.exe process does the inventory scan, it triggers the rule mentioned above, generating 'would have been blocked' events in the console. A sample of an SCCM configuration is attached.
To resolve, a software rule can be created to allow read only memory map operations by ccmexec.exe. The rule should be placed towards the top of the list to have a high priority.
To create the rule in the console:
Navigate to Rules > Software Rules > Custom.
Add Custom Rule
Set the following parameters:
Rule Type: Advanced
Execute Action: Allow Read-Only Memory Map
Path or File: *.exe (you can add additional extensions here if your SCCM is configured to inventory those)
Process: C:\windows\ccm\ccmexec.exe (verify the exact location of your executable, different SCCM versions may use different locations)