Thank you KMSigma for your due diligence in both identifying these events, as well as offering suggestions for improvement . We are aware that queries to the Win32_Product class are not query optimized which is partly why we will only be polling asset inventory information once a day. When we first encountered these messages in the Event Log we thoroughly investigated this issue and determined that querying this class is perfectly safe. Nothing is being installed/reinstalled/etc unless the installation was corrupted anyway, which would occur on it's own when the next time the application launched thanks to MSI Self Healing.
A quick checksum is done on the original installer the same as when you open "Programs & Features" under "Settings" in Windows Server 2008 and later. This is why the list sometimes takes a minute or two to fully populate. This same process occurs when the Win32_Product class is queried.
Microsoft recommends avoiding its use during operations such as login scripts, group policy filters, or continuous monitoring products like patch management, vulnerability assessment, and computer posturing/NAC, as this process takes up to a minute to return results on slower/older machines with many products installed.
While I understand your concerns with such an ominous message stating that it might repair or even re-install a package as a result this query. However, this same WMI class is the industries de facto standard, used by virtually every product that collects installed software information via WMI.
We do however plan to investigate alternative methods for collecting this information or allowing software inventory to be disabled entirely.