Netwrix is attempting to reach an external IP address belonging to CloudFlare. Why?
Netwrix setup files and .dll libraries are signed with a certificate, issued by GlobalSign.
When the product runs, Windows or .Net runtime checks this certificate, as a part of this check there is a request to update the Certificate Revocation List and it is sending it to crl.globalsign.com, that is using the IP range assigned to CloudFlare ISP.
There is a Microsoft Technet article on how to configure Certificate Revocation.
Lack of access to any GlobalSign server does not affecting the product functionality.