Henry Schein One recommends that you evaluate your risk and configure your antivirus software according to Microsoft's recommendations: https://learn.microsoft.com/en-us/troubleshoot/sql/database-engine/security/antivirus-and-sql-server.
When you configure your antivirus software settings, make sure that you exclude the following processes (as applicable) from virus scanning.
sqlservr.exe (SQL Server Database Engine)
sqlagent.exe (SQL Server Agent)
sqlbrowser.exe (SQL Server Browser service)
%ProgramFiles%\Microsoft SQL Server\1<NN>\Shared\SQLDumper.exe (SQLDumper utility)
When you configure your antivirus software settings, you should exclude the following files or directories from virus scanning. These exclusions may improve SQL Server performance and ensure that the files are not locked when the SQL Server service must use them.
Important: If these files become infected, your antivirus software cannot detect the infection. You can schedule a complete scan of all files when the system is offline.
SQL Server data files usually have one of the following file name extensions:
.mdf
.ldf
.ndf
By default, the data files are located in the following directories. However, they can be placed in any directory by the database administrators of the system.
%ProgramFiles%\Microsoft SQL Server\MSSQL<NN>.MSSQLSERVER\MSSQL\DATA
%ProgramFiles%\Microsoft SQL Server\MSSQL<NN>.<InstanceName>\MSSQL\DATA