Many of the Nirsoft tools are considered as PUPs because of the things they can do can mimic what malware might do.
I presume this is for on-access scans, as the Scan for PUPs in on-demand scans is disabled by default. That setting however, doesn't apply to on-access scanning. PUPS are scanned for in the Web Shield by default, so could be picked up on download.
I don't know where you find that:
In the AVAST-settings, PUPs are explicitly allowed and not considered as "malware", but even then some of the tools are considered as malware and blocked.
I can find no such setting in the File System Shield Actions section - PUP Options/Actions, see image.
No Action in this context doesn't mean they are explicitly allowed - all that means is - none of the other actions will be taken (and the file remains in place), but it still won't allow what is considered a PUP (or other malware) run.
Personally I only ever use Two Actions, Ask then No Action, the reason I say that Ask should be sat waiting for a response. I don't know how that can fail and proceed to another action. I don't want anything sent to the chest without my explicit action.
There is no additional option in the drop down list of Ask, from that of the other Actions to select.