insightVM workflow - what counts as a 'new' vulnerability


I’ve recently downloaded the workflow ‘Alert on New High Risk Vulnerability in InsightVM with Microsoft Teams’ and amended it to send to email instead and made another couple of changes. Within a couple minutes of me activating the workflow I’d received 60 emails from the system so turned the workflow off. The quantity of emails in a short space of time suggests this isn’t reporting them in ‘real-time’ as they are discovered - does anybody know exactly what counts as a ‘new’ vulnerability in this workflow? And does it remember which vulns it has already emailed or will i get the same emails if i activate the workflow and then turn it off, then on again while testing?