Finally able to block the psiphon with the help of tac.
The procedure is :
-install the latest hotfix in both gateway and management (may or may not be required)
- Enable https inspection and generate the self sign certificate.
- generate self-signed certificate and install it on all PC of the network (Would be easy if Active Directory is in use)
- Make a Policy for https inspection with "https" and "http_and_https_proxy" with ACtion=Inspection
- Add url and application policy to block the category "support file sharing".
Note: the psiphon is block for only devices in which we install the self-sign certificate.