I think only with TAM disabled, unknown apps will be in low restricted categoryTAM is not so black and white as you are describing it.
There is a low-restricted category, which most unknowns fall into. It is not very restrictive, except regarding the loading of DLLs, which TAM is indeed very strict about.
when I enabled TAM for a while, everything I ran was blocked including many safe apps. It simply blocked everything, nothing was put into low restricted. I don't know about your case but because of this, I had to disable TAM