It's easy to make a mistake or to forget something while creating a new AC rule.
First, you have to create the rule for all applications ("*"). This rule applies to processes which are launching the applications you want to block, not to these applications themselves.
Then create a "Launch Process Attempts" condition. Apply it to all *.exe files on network shares. Here you can add your exception as well:
As the last step, define a "Block access" action:
Check if your new rule set is set to "Production", then click OK.
If your clients are running 32-bit OS, it should work.