Hi Nate, we generally run vscans and compliance scans separately. In fact, we keep the data in separate repositories per past best practices documentation.
Generally I have lumped CIS Ubuntu 14.x and 16.x audit files into a common "Policy Compliance Auditing" policy. You can probably add others like RHEL, Windows, etc. too so one scan policy covers them all. The audits have if-then code to detect the OS release and version to determine if it should be used or not. The results will contain a simple "PASS" for audits that don't apply to the system's OS, and full results for the one that does.
In SC 5.x the audit files can be added right from the web interface... similar to how Nessus does it.
From SecurityCenter, go to Scans -> Audit Files -> Add and all the latest audit files will be available.
Regarding scan policy, there is a canned one available.
Go to Scans -> Policies -> Add, select "Policy Compliance Auditing". Add the audit files you selected earlier and save it.
Run the one policy against your entire infrastructure making sure you provide the necessary admin / root level credentials.
My only issue with a separate repo is the hit to license count. We're already upping our license and more than half our network is servers/workstations so this would be a MASSIVE hike in total license needed if we split our Compliance scans into their own repos. Is this really what Tenable suggests? It's greatly in their favor and not ours from the current license model.