Short answer: not really.
Explanation: The "long list" shouldn't bother you, specially if those "password protected" files are coming from old restore points. Any file downloaded could potentially have such result, simply because it doesn't depend on you, but on the manufacturer / producer / developer of the file.
Specifically in the case of restore points, they are automatically deleted according to the settings (in Windows). New restore points replace older ones, and free space in your HDD is also a factor (according to your percentage of free space, Windows reserves more or less space for restore points).
Many little settings can be changed in Windows to affect restore points. In general, it's not worth to get onto those little settings, unless you really know what you are doing and the consequences of that.
That's on Windows side. On Avast side, you have some configurations, like maximum size of logs and / or reports (but not *all* the logs and reports are affected by this general setting), or max date to save an old log. As you can see from the specific folders ("log" and "report"), each text file is related to the type of scan or the specific shield that was triggered, so some of them also have some possible configuration.
The bottom line, IMHO, is that the only reason to review a full report is when there is at least one potential problem or infection. The "password protected" result is not such a case.