If you are seeing learning suggestions that you believe are false positives, then the correct action to take is to "Accept, Apply, or Allow...depending on the violation", not 'disable violation'. Selecting 'disable violation' will clear the Learn/Alarm/Block flags for a specific violation (that is, the type of violation, not the violation on a specific entity).
To use your example, if you select 'disable violation', the ASM will no longer check file entities for length violations, which is probably not what you want. Accepting the violation, on the other hand will cause the policy to be altered such that the characteristic that triggered the violation is now allowed. Again, to look at your example, this means that the allowed lengths of the entities that the violations were recorded against will be increased. Accepting learning suggestions on Attack Signatures stops the ASM from comparing application traffic to the Attack Signature in question.
Security policies may be in transparent or blocking mode; entities may have tightening or staging enabled, or may be enforced. Accepting a learning suggestion on a particular entity isn't going to affect the status of the policy, and isn't going to change the tightening or staging status of the entity. It will cause the staging-tightening timer to reset, but only for that element.