It rather depends on what that IP address is; new sites/IPs would be constantly added/updated in the auto/streaming updates. Which doesn’t clearly mean it is an FP, just that it has just started, sites and hosts can get hacked. Plus we don’t know what it is during your browsing that is trying to access that IP address (and why) that triggers the Enhanced Protection module in IE11.

Edit: attached whois image