Hello,
The Web Security appliance won´t recognize the exe file inside of the zip/rar file. So if you have blocked .exe files, but allow .zip/.rar files, then the compressed exe file won´t be blocked.
Cisco does has a feature request for this behaviour, with Feature Request of CSCzv11335 (Scan archives for content blocked by file type), however at this stage there is no rough ETA on when this feature will become available.