X-Content-Type-Options Header Missing

Hi,
I used Universal Login with a custom database connection to my application authentication process.
It’s working as intented.
Now I run OWASP ZAP against my application and I got this security risk about auth0:

X-Content-Type-Options Header Missing

The Anti-MIME-Sniffing header X-Content-Type-Options was not set to ‘nosniff’. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.

url => https:/domain.eu.auth0.com/usernamepassword/login

So question is how can I disable this url because I don’t think I need it for my login process