According to https://learn.microsoft.com/en-us/defender-endpoint/controlled-folders, "Apps are added to the list based upon their prevalence and reputation. Apps that are highly prevalent throughout your organization and that have never displayed any behavior deemed malicious are considered trustworthy. Those apps are added to the list automatically.".
So it's possible the tt2024.exe is just too new an app, whereas tt2023.exe is not.
