Classic ASP Custom Rule Ignored in SCA 19.1.0

We have a large Classic ASP/C# site which has a few custom rules to mark strings as XSS safe, etc. Lately the custom rules are being ignored. In particular, one ASP file includes a function defined in another, and that function was removing the taint beforehand, but now the Anaysis Evidence is coming back  with taint "DATABASE, XSS". I opened the FPR file in Audit Workbench and verified it was reading in the custom rule files. I then went to the offending function and said "Generate Rule For Function" and inserted it into the existing custom rule file. That new rule is also being ignored. What am I doing wrong here? New rule below. Note I change the default language from "dotnet" to "vb" by hand. Neither work.

<DataflowCleanseRule formatVersion="19.10" language="vb">
<RuleID>8E12C533-55BA-4919-B1C3-921F06143E8E</RuleID>
<TaintFlags> VALIDATED_CROSS_SITE_SCRIPTING_REFLECTED, VALIDATED_CROSS_SITE_SCRIPTING_PERSISTENT, VALIDATED_CROSS_SITE_SCRIPTING_DOM, VALIDATED_CROSS_SITE_SCRIPTING_POOR_VALIDATION</TaintFlags>
<FunctionIdentifier>
<NamespaceName>
<Pattern/>
</NamespaceName>
<ClassName>
<Pattern/>
</ClassName>
<FunctionName>
<Pattern>preventxss</Pattern>
</FunctionName>
<ApplyTo implements="true" overrides="true" extends="true"/>
</FunctionIdentifier>
<OutArguments>return</OutArguments>
</DataflowCleanseRule>