Vulnerable Puppet version not being reported by IVM

We have Rapid7 agents deployed on Windows servers but agent scan is not flagging the old version of Puppet Agent - CVE-2021-27023 . I was able to add custom check for this vulnerability. Why is R7 not reporting this CVE even though it has inventory of all services and software.

Yeah I raised this up with my account manager and he said it would go behind it. Would do the same thing actually. The more the merrier.