By default Windows does not log what executable is being blocked by Windows Firewall. In order to log what executable is being blocked run the following command as an administrator:
auditpol /set /subcategory:"{0CCE9226-69AE-11D9-BED3-505054503030}" /success:disable /failure:enable
Open event viewer and navigate to Windows logs -> Security
From right side panel click Filter log -> Keywords -> Select “Audit Failure“
You should now see the specific executable that is being blocked by Windows Firewall and you can add the appropriate rules to allow it.