Dump that useless Cisco crap.
Anyone with that bad of an operations group that they can't understand the information I provided to you regarding the fact these signature detections are occurring within portions of the Microsoft Edge browser updates is obviously not worth paying for their 'protection'.
On top of that the Microsoft document I referenced about this IP address in my first post above indicates that these are official Microsoft servers, so the idea these are 'shared' IPs with anyone outside Microsoft is ludicrous. In fact, it's more likely that they are operating from a [possibly 3rd-party] CDN, since virtually all Microsoft update services have been operating in this way for decades now, so that's possibly why a less than knowledgeable technical group might misunderstand these IPS as 'shared'.
I spent 20 years as a network administrator and the rest of my career a security professional in engineering education, Whitebox manufacturing and 3rd-party security firms, often dealing with similar issues myself with the antivirus and firewall security app portions of 3rd-party vendors.
These products are notorious for detecting the signatures from other products and occasionally even their own as the malware they are intended to detect, since obviously the industry practice of sharing malware signature data between providers means they'll detect each other's signature packs when not obfuscated.
I learned long ago to either disable these firewall-based antivirus products or be prepared to spend lots of time chasing ghosts, since at the time whitelisting individual source IPs was difficult if not impossible.
It's up to you how you choose to deal with this, but Microsoft has nothing to 'fix', since the problem is with another company's product that's doing an obviously stupid thing, since literally millions of Microsoft Edge installations around the world are receiving exactly the same malware detection packs and having no difficulty with their delivery or we'd be seeing many thousands of such reports from other 3rd-party product users here as well.
Try to think logically, which scenario actually makes sense?
And for future reference, you're posting in a Microsoft Community forum for consumers that typically doesn't try to handle such questions, since to most volunteers and contractors helping here these commercial issues are outside their areas of expertise. I just answered the initial post since as a past admin/security professional, the true issue was obvious.
However, I'll now direct you instead to the Microsoft Learn - Q&A forums where you should be posting instead, so all of the administrators and other professionals there can tell you the same things I already have.
Questions - Microsoft Q&A
Related note: I just did a search and though it isn't related to this particular Microsoft server, someone posted at the Cisco Community with a similar issue of false detections on both Adobe and Eset servers. Please note that the answer from a Cisco Community VIP Advisor was to create a list of whitelisted URL not to perform inspection on, including those like Microsoft Apple, Cisco, Adobe, etc. Might want to post your query there as well, since those are people truly in the field, not some back-room at a vendor.
IPS False positives on Malware signatures - Cisco Community
Rob