MB Anti-Exploit detects Kutools as an "ROP attack" exploit. The log does not show a filename ("n/a"), so I can't create an exception for it or whatever.
Kutools is a popular Excel addin, so it's totes legit. This behavior occurs both on Windows 7 + Office 2010 as well as Windows 10 + Office 2016.
To reproduce:
1. Download and install https://www.extendoffice.com/downloads/KutoolsforExcelSetup.exe
2. Open an Excel sheet, type something into a cell, and click the Kutools tab at the top
3. In the ribbon, click "Text" and then "Remove Characters"
4. Excel quits unexpectedly, and Malwarebytes pops up a message, including: "Exploit ROP gadget attack blocked"
Here's the contents of the MBAE alert log when this occurs:
"2016-10-07T11:11:07.799-05:00";"bear";"3708";"C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE";"5068";"explorer.exe";"1";"508";"452";"0x20816182";"";"";"0x00DF0000";"0x00DCF000";"";"";"";"";"";""