The left window is not showing the system uptime but the network connection uptime.
The network may have only been up for a couple of hours for multiple reasons:
- The network wire was -perhaps briefly- disconnected
- The switch it is connected to was rebooted
- The computer was previously connected to a different network, but then changed to this one
- The network connection itself was disabled then enabled.
- If it's just slightly different, it's normal that the boot time will have happened a bit before the computer booted, loaded the OS and actually connected to the network.
I can imagine a several scenarios where the reported system uptime is different than Now - Boot time for a machine, though:
- The machine was hibernated and the time it was in that state is not taken into account for the uptime.
- The system clock changed after boot, so the boot time might even be dated years ago (whatever the BIOS clock default is) but the System time itself was corrected shortly after boot-up through NTP.
I understand the discrepancy to show in SIEM / AV dashboards. However, I don't see that as a reason to not accept security policy from AV. If the AV refuses to apply a security policy because it considers that they don't match -as seems implied by their support reply-, perhaps it is buggy.