But then again, it’s still Windows.
Also the trust property – to any extent you can trust a Windows environment – has been bifurcated between Microsoft and whomever is behind AME. It’s not much different than running a rooted iPhone, in my opinion. On the iPhone you have to trust some third-party’s jailbreak, then who knows where you go from there. On AME Windows, removing some of that MS telemetry and stuff also means removing its guardrails. Some AVs on Windows have been as bad as anything, to the point that running Defender without 3rd party AV is probably a more sensible default.
I suppose if you read through that mess of a paragraph, you could say that one takeaway is that Windows is like digital herpes no matter what you do.