Hello,
Could you tell us the reason, you want the "prov.exe" under centralized exceptions?
Is Symantec detecting it as a Threat?
Which component of SEP 12.1 is detecting it as Threat?
When you say, "is getting blocked by SEP"?
Does that mean, the traffic / packets generated from "prov.exe" traffic being blocked?
If yes, then work on this Article:
How to add an exception for Intrusion Prevention Policy to allow a specific ID through Symantec Endpoint Protection Manager
http://www.symantec.com/docs/TECH97176
Hope that helps!!