Hi Pavel,
I understand where you're coming from now, it's not necessarily the Policy triggering, rather the fact the user experience is impacted.
I've seen a couple of reasons this could be in effect (these again are working thoughts of mine)
1. make sure any endpoint protection solution isn't scanning files written to the DLP temp directory (sorry not got that to hand)
2. the file size is the issue, the .jar or .zip file may unpack multiple other .jar or .zip files. Here the agent treats each .jar or .zip as a separate count - example the maximum file size for inspection is 30MB, each .jar or .zip is treated as a separate count.
The only answer I can think of for the second point would be to reduce the maximum file size the DLP agent will inspect, see what happens if this is reduced to say 15MB, does this help?
IncidentHandler.MAX_INCIDENT_FILE_SIZE.int
I don't believe today there is a way to limit the files within the .zip to inspect to performance.
Kind regards David