Based on the article we know that the cookie TSPD_101 can be set by ASM even there's no Proactive Bot Defence or DoS-Profile aktive.
We have set the type of the cookie with name: * to Enfored, which means that a cookie set (at server side) may not be changed by the client. Interesting is that ASM complains about TSPD_101 has been modified.
Do we have to define the TSPD_101 cookie explicit with type Allowed?
The cookie should not be modified by the client. If you find that the client is modifying the TSPD_101 cookie, I would take an httpwatch capture and open a case with support.