wpephpcompat_jobs stands for “WP Engine PHP Compatibility Jobs” [1].
According to the documentation:
The WP Engine PHP Compatibility Checker can be used by any WordPress website on any web host to check PHP version compatibility.
This plugin will lint theme and plugin code inside your WordPress file system and give you back a report of compatibility issues for you to fix. Compatibility issues are categorized into errors and warnings and will list the file and line number of the offending code, as well as the info about why that line of code is incompatible with the chosen version of PHP. The plugin will also suggest updates to themes and plugins, as a new version may offer compatible code.
I don’t know what “Executable PHP widget” and “Email Address Encoder” are.
My theory is, you have one or more plugins that are offering these two tools. When WP Engine runs, it checks for the compatibility of the code in these plugins or tools. Somehow this compatibility check triggered the execution of whatever action they are running, and so the Sucuri Scanner ended up reporting the suspicious event.
You can ask the developer of “PHP Compatibility Checker” here [2] for details.
[1] https://github.com/wpengine/phpcompat
[2] https://www.ads-software.com/plugins/php-compatibility-checker/
