disable malware protection by default

[aarz-snl]

🗣 Description

#626

This disables malware protection by default from Elastic Defend. Users can then decide to turn on malware protections as needed.

This also added a quick comment to documentation on Windows integration to only use Metrics if absolutely required. This requires manual intervention... user MUST click to disable.

💭 Motivation and context

Elastic Defend and conflict with Windows Defender. This should be off by default since Defender is pretty common on all Windows Endpoints. Users can decide to use if wanted.

📷 Screenshots (DELETE IF UNAPPLICABLE)

🧪 Testing

Performed install, and in fleet verified that Malware protections were turned off by default.

Must verify that defender doesn't get disabled on a Windows machine

✅ Pre-approval checklist

• Changes are limited to a single goal AND
  the title reflects this in a clear human readable format
• Issue that this PR solves has been selected in the Development section
• I have read and agree to LME's CONTRIBUTING.md document.
• The PR adheres to LME's requirements in RELEASES.md
• These code changes follow cisagov code standards.
• All relevant repo and/or project documentation has been updated to reflect the changes in this PR.

✅ Pre-merge Checklist

• All tests pass
• PR has been tested and the documentation for testing is above
• Squash and merge all commits into one PR level commit

✅ Post-merge Checklist

• Delete the branch to keep down number of branches

[aarz-snl]

To confirm after install go to Fleet -> Agent policies

See Elastic Defend policy

Scroll down and ensure Malware is turned off -- need to test with a windows machine and ensure defender isn't turned off.

[rishagg01]

Ran cluster run on this PR. It Passed. PR is approved.

[tylmorr-snl]

Confirmed that this fix will stop defender from being disabled. Recommend that we merge with main.