Best answer by JesseBropez
Welcome to the Webroot community!
Webroot will only scan and detect files that are of the portable executable file type. Portable Executable (PE) file types usually have the following extensions: .exe, .com, .dll, .sys, and .scr. For all other file types, such as macro enabled documents (.doc/.docm/.docx), Webroot incorporates detection on a case by case basis, if a file is found to do harm on its own.
The current Threat landscape dictates that most non-PE files seen today, such as the macro enabled word documents, are simply used as an aid to drop/download malicious executable files (PE) on to a victim’s machine – it is the detection and blocking of these malicious executable files Webroot continues to focus on with great success.
Regardless of the security solution you use to scan macro documents, we've found that cybercriminals often re-obfuscate them, in order to prevent security solutions from effective detection. We instead recommend focusing on using a GPO (Group Policy) or changing the trust center settings in Office to prevent all macro documents from being run. To find steps to achieve this, we recommend reading our Ransomware Prevention Guide. You will find specific instructions to prevent execution of macros in Step 2: Disable Macro Execution.
I hope this answers the questions you have and thank you!
The Webroot Advanced Malware Removal Team