Is the PC also in the 192.168.2.0 subnet?
If so, then what you are dealing with is asymetrical routing when the PC does not have that route installed.
Without the route the PC sends the traffic for 10.0.7.0/24 to the SRX gateway 192.168.2.253.
the SRX forwards it out to the VPN concentrator at 192.168.2.1
the concentrator delivers it to the destination
The return traffic comes to the concentrator and the delivery address of the PC is the same subnet as the concentrator so it is directly delivered bypassing the SRX
So the SRX sees outbound traffic but no reply on the tcp session and sees and incomplete traffic.
Your solution of putting the route into the PC is the only one for this network layout.
The better design would be to have only a single gateway per subnet and to attach the VPN conectrator to a different subnet and interface on the SRX. This would prevent any asymetrical routing from even being possible.