1. Allow 'drag and drop' of executables into the exclusions list.

2. Recursive/associative exclusions. If I exclude the main Microsoft Edge application, the VPN should automatically exclude any associated executable. Taking the Microsoft Edge example, this program comes with a dozen or more scattered executable files which, if not also manually excluded from the VPN, will cause the program to simply not function at all. On top of all that, updates to the program cause the directory names to change, so we have to manually exclude all of those .exes again each time.

3. Vendor exclusions. Suggestion #2 could be ignored if I could simply set "Microsoft" as a vendor the VPN should let through, for example.

4. Entire directory/drive exclusions.

5. A right-click context menu entry with "Add to VPN Exclusions" option, so we can exclude executables straight from Windows Explorer or the Linux and Mac equivalents. Would be great if this could work on a selection of files and not just one.