Explicit Deny
Any policy you create can be set to explicitly deny an application even when your computers are in a monitor only or learning mode.
Navigate to Application Control > Policies. Choose the policy you want to edit, and change the status from 'Inherit' to 'Secured". This makes it an explicit deny and it will be applied even in learning mode.
Conversely, choosing 'Monitor Only' will make the policy a monitor policy regardless of the computer's status. So even when a computer is secured, if the policy is set to 'Monitor Only', it won't create a block.
You can also edit the policy's status by clicking the pencil icon next to the policy. Then navigate to the 'Status' dropdown and make your selection.