this is a problem that all security softs face.
I have set ReHIPS to block powershell and script interpreters, which I personally don't use, as a second line of defense. This is just in case I mistakenly allowed malware to execute.
I would suggest that ReHIPS offer various templates to the user, when the program first installs.
the template for the home user would block powershell and script interpreters by default, and template for IT pros would allow them by default, and would also allow other processes that power users need, such as the windows mounting process that Shadow Defender uses.