To trigger ActiveResponse, Port scan needs a firewall rule that detects packets hammering on a client. To get better informations, check the traffic log on an affected client. If there is nothing, you could enable logging for the firewall rule that is responsible (must be one at the bottom of the rule list).
With these informations, it's possible to exclude "attacking" IP addresses that are harmless. See here:
Setting up a list of excluded computers
http://www.symantec.com/docs/HOWTO27084
So you can keep port scan detection enabled if you want to. Of course, if there are a lot of IP addresses triggering port scan alerts, this doesn't make sense, and it's better to disable it.
ActiveResponse not only blocks port scans but all other attacks detected by Intrusion Prevention. Thus, I would keep it enabled.