Depends on your use-case.
Do your end-users access only/mostly well-established websites/web-services? Then you should be fine blocking the unrated category.
Do your end-users regularly visit "random" or new websites/services as part of their job? Then maybe you should allow it. Or block it, with ad-hoc exceptions being added as needed.
If you're unsure, start by setting the category to "monitor" for some interim period, and then periodically check your logs for any access matching this category. Then you can review the websites matched and decide if you want to block, allow, or block with exceptions.
[ corrections always welcome ]