Be careful with excluding:
%INSTALLDIR%\SAP BusinessObjects\SAP BusinessObjects Enterprise XI 4.0\FileStore
While this will have performance impact (and potentially big impact if there is a lot of I/O), you should regularly scan it because this is were uploaded agnostic content will be stored, and is the one vector of potential attack (for example uploading an infected office document, or even an executable).
The way to mitigate this is to disable "add object rights" for agnostic type documents and any other types you don't expect users to upload.