The reason to run it under an alternate name is that certain malware recognize the SAS process
by it's executable name and stop it from running...
Now that you mention that I'm pretty sure I've had this with another security software long ago...but I can't remember which one, also running an executable with different name each time to avoid termination attacks...may be it was AVG antispy, not sure...
You are right. I experienced this once with the DrWebCureIt program about two weeks ago. After a customary program update before use, noticed the usual executable was replaced with a strange alphanumeric. It did perform without any untoward incident, though.
Remembered reading advice here in the forums to manually rename the .exe file but, in this case, it appeared to have changed clothes on its own.