"good unescape" is URL encoding - when ASCII string is present in the format %00 - %FF - each byte is replaced with % followed its hexadecimal value (see https://en.wikipedia.org/wiki/Percent-encoding)
"bad unescape" is a string which uses percent sign followed by two characters which are NOT 0-9 A-F. For example: %2R
This is usually a sign of potential evasion of filters and cross-site-scripting attack attempts, however can also be a false positive, for example: someone's password could be "100%secure" , so "%se" in that password can be detected as "bad unescape".
The best practice of course is to loosen the policy just on the URLs/fields where you are seeing false positives (which you are already doing). If you decide to disable blocking of this violation policy-wide I would still advise to keep the "Alert" flag on.
Hope this helps,
Sam