By exemption do you mean a process/folder Endpoint would not monitor entirely or processes/folders that Endpoint will not alert on?
If the former, that's a coming feature we have roadmapped for the near term. We understand how important it is.
If the later, you can do that via the exceptions workflow in the Security app. Go to the Detections tab, click "Manage Detection rules", click on "Elastic Endpoint Security" rule, then the "Exceptions" tab in the middle of the page. Click the drop down for "Add new exception" button and select "Add Endpoint exception" to create an exception that will be sent down to the Endpoint rather than applied after Endpoint generates an alert. If you want to apply the rule to just a small number of machines you can add machine specific fields from the alert, like hostname, into the exception criteria.