Thanks for reporting this issue to Sophos. All our executables are signed, so it should be easy for Sophos to whitelist them.
Meanwhile, can you or your admin whitelist the file for your machine(s)?
From your screenshot it seems that Sophos is not blocking the xfile module in general as long as it only provides file acces. It blocks it “only” when you use the XRUN command to launch a Powershell script.
Is using XRUN important for your use case? Or was this just a test to demo the issue?