It should be enough but I would always use other software as well. This is how my config works:
KIS 2017: Detection via Real Time Protection, Firewall, etc
ZAL: Demand Scanner & Real Time Protection
VoodooShield: Whitelisting & prevention - great against Ransomware & Malicious applications
MBAM Premium: URL, Real time, Ransomware, Exploit protection
Avira Browser Safety: URL Blocking
So for me to get infected:
1) If it was a malicious URL then it would have to get past Avira Browser Safety - unlikely for most URLs but possible.
2) Then the URL would have to get past KIS 2017 & MBAM as well...
3) If it managed to do that then well it's likely that either MBAM, KIS 2017 or ZAL will pick it up with Real Time Protection.
4) If it wasn't detected by any of those applications then when I came time execute it then I would have to Allow the file through with VoodooShield.
5) VoodooShield automatically quarantines any file which has a detection ratio of over 3/57 on VirusTotal.
I have actually tested my config in a VM & will be uploading a video on it soon!
This is how I think when I put together a security config:
1) Will URLs get past?
2) Will downloads get past?
3) Will the file manage to execute?
And if the answer is yes & you are a paranoid user/over the top user (like me) then you may want to update your config. There is no need to be paranoid if you know what you're doing but since I took up malware testing & since I do it regularly I decided to be extra safe - better safe than sorry
CCAV should prevent any harm coming to your PC but I personally wouldn't use it on it's own. If you want to be paranoid then you use a bunch of security applications in combination. That way nothing should manage to get past your security - especially if you are asked to confirm that you want to allow the application to execute.