Yes, it's ok. If even encoding the text the mod_security rule is applied then this means they are decoding base64 text (which is good despite in our case it's a false positive).
To solve this you can:
- Ask for help to your hosting provider. They should be able to add an exception for that rule in your .htacess file. This is the best option; unfortunately many hosting providers are not able to do this.
- Delete the word reported in the log (in our case base64_decode) from the word's list and try to save. If the problem arises again open the error.log again and delete the new word reported. Repeat this step until you're able to save the config.