I don't know if this is applicable for NNTP traffic, but I would say it is worth a test. This came from one of the avast team.
- Non-Standard SSL Ports:
If you want the Mail shield to scan traffic on non-standard SSL ports, you can configure them in the EmailShield.ini file. Open file "C:\ProgramData\AVAST Software\Avast\EmailShield.ini" using notepad and under [EmailScanner] add such lines:
PopRedirectPortSSL=995,1234
Save your changes, the avast self-defence module will seek confirmation, answer Yes.
And restart the Mail shield.
Where it is mentioned about PopRedirectPortSSL, there is a corresponding line entry for NntpRedirectPort=119.
So that is the one I would assume is for you, add the value 563 to the existing entry, e.g. NntpRedirectPort=119,563
Now, I'm thinking that this may not work and based on the other parameter name it may need a new line added for SSL NNTP connections:
NntpRedirectPortSSL=563
Let me know how it goes, especially if my estimated name for SSL NNTP connections is correct or not.