Hello Chuaboon,
Please follow the steps and let us know the status.
1. In the Application Control Rule sets, Select 'Block Programs from running from removable drives'
2. Highlight the rule set and edit this rule Set
3. Right click on 'Rule 1' and add a condition 'File and Folder Access Attempts'
4. In the right pane, under 'Apply this rule to the following processes' click on 'Add'
5. Type *.exe in the 'File or Folder Name to Match' field
6. Select 'Only match files on the following Drive types' and unselect everything except 'Removable Drive'
7. Also Select 'Only match files on the following device id type' then Copy and paste the device id here
a. USB\VID_1058&PID_0704\575845583038553736333831 (This is your exact device id)
8. Click 'OK'
9. In the Actions tab, select 'Block Access' for Read Attempt
10. Select 'Block Access' for Create, Delete, or Write Attempt and then Click 'OK'
11. Make sure that the policy has been enabled before you assign it to a group
12. If this is the first time you must reboot the machine to enable the Application and Device Control Driver