It is how it should work, the connecting peer just allocates a high service port for a connection (called ephemeral Ports based on IANA Recommendation set t o49152 to 65k in default).
I would not bother with this peer as you cannot eliminate these and the protocol should handle these kind of behaviours (if not then it is poorly designed and/or implemented, meaning not worth of using this protocol) by dropping them from any list (cold, warm and hot) and closing the TCP connection. Cos, this protocol is like HTTP meaning by that it should and would be constantly attacked from the Internet.
Sorry, typing on the tablet.