github / codeql

CodeQL: the libraries and queries that power security researchers around the world, as well as code scanning in GitHub Advanced Security

Home Page:https://codeql.github.com

False positive: Missing X-Frame-Options HTTP header

alensiljak opened this issue · comments

Description of the false positive

In a C# project, we are using NWebsec.AspNetCore.Middleware's (docs) ApplicationBuilderExtensions to set the X-Frame-Options policy. The scanner, however, reports Missing X-Frame-Options HTTP header (cs/web/missing-x-frame-options) as it is only checking the Web.config, I assume.
Any suggestions on mitigation? Thanks!

Code samples or links to source code

// Set the X-Frame-Options response header to SAMEORIGIN via NWebsec middleware
app.UseXfo(options => options.SameOrigin());
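Where a static rule reads only Web.config, a header added by middleware is invisible to it, so the practical way to confirm the mitigation is to inspect the served response. The following is an added example (Python, not code from the CodeQL project or the issue author) that classifies a raw HTTP response's clickjacking protection; the sample responses are constructed for illustration.

```python
"""Runtime check for clickjacking protection headers.

Added example, not code from the CodeQL project or the issue author.
It parses the header section of a raw HTTP response and reports whether
the response is protected by X-Frame-Options or by a Content-Security-Policy
frame-ancestors directive, whichever layer (Web.config, middleware such as
NWebsec's UseXfo(), or a reverse proxy) actually set it.
"""

# X-Frame-Options values that current browsers honour.
# ALLOW-FROM is obsolete and ignored, so it gives no protection.
VALID_XFO = {"DENY", "SAMEORIGIN"}


def parse_headers(raw: str) -> dict:
    """Return a lower-cased name -> value dict from a raw HTTP response."""
    headers = {}
    for line in raw.split("\r\n")[1:]:   # skip the status line
        if not line:                     # blank line ends the header section
            break
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return headers


def frame_protection(headers: dict) -> str:
    """Return 'csp', 'xfo' or 'none' for the effective protection.

    A CSP frame-ancestors directive takes precedence over X-Frame-Options
    in browsers that support it, so it is checked first.
    """
    csp = headers.get("content-security-policy", "")
    for directive in csp.split(";"):
        if directive.strip().lower().startswith("frame-ancestors"):
            return "csp"
    if headers.get("x-frame-options", "").upper() in VALID_XFO:
        return "xfo"
    return "none"


# Constructed sample responses (not captured from a real server).
MIDDLEWARE_RESPONSE = ("HTTP/1.1 200 OK\r\nX-Frame-Options: SAMEORIGIN\r\n"
                       "Content-Type: text/html\r\n\r\n<html></html>")
UNPROTECTED_RESPONSE = "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\n"
OBSOLETE_RESPONSE = ("HTTP/1.1 200 OK\r\n"
                     "X-Frame-Options: ALLOW-FROM https://example.test\r\n\r\n")
CSP_RESPONSE = ("HTTP/1.1 200 OK\r\nContent-Security-Policy: default-src 'self';"
                " frame-ancestors 'none'\r\n\r\n")

if __name__ == "__main__":
    for name, raw in [("middleware", MIDDLEWARE_RESPONSE), ("none", UNPROTECTED_RESPONSE),
                      ("obsolete", OBSOLETE_RESPONSE), ("csp", CSP_RESPONSE)]:
        print(f"{name}: {frame_protection(parse_headers(raw))}")
```

Pointing the same check at a real endpoint's response shows whether the NWebsec middleware is emitting the header on the routes that matter, independently of what the static scan reports.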