Hi @ranakamran,
In the XML of employee.bpmn you are referencing an XML External Entity. By default, processing XML External Entities is disabled due to security concerns. You can read more about it in our Security Instructions and on OWASP.
If you know what you are doing, you can set the process engine configuration flag enableXxeProcessing to true. However, please review this action carefully since it could make your process application and workflow execution platform vulnerable to attackers.
Best,
Tassilo