7

I'm trying to exclude my Ubuntu VM in WSL 2 running in an up-to-date Windows 11 Pro installation.
The problem is that my local build is terribly slow when Windows Defender is active. Setup is as follows:
Java, Maven, Docker and code are all installed inside the Ubuntu VM.

I'm using IntelliJ 2022.1 in Windows to run and build the project using the WSL path:
\\wsl$\Ubuntu\home\<user>\<maven project>

This works and recognizes the correct JDK etc. from the VM. The problem is that the process "Antimalware Service Executable" is blocking all I/O and makes the build extremely slow. (stuck for 40 minutes slow)
As soon as I deactivate real-time protection of Windows Defender, the build is very fast -> https://medium.com/@leandrocrs/speeding-up-wsl-i-o-up-than-5x-fast-saving-a-lot-of-battery-life-cpu-usage-c3537dd03c74 This of course leaves the system basically without protection, which is not a real long-term solution.

I read a lot of documentation and different threads about this problem, but almost all are about WSL 1 and advise changing to WSL 2. This thread especially has a lot of info on this topic: https://github.com/Microsoft/WSL/issues/1932

The main approach there is to exclude specific folders from being scanned by Windows Defender, which existed in WSL 1 but not anymore in WSL 2. This is because WSL 2 now uses an ext4 image and doesn't expose the local folders anymore. I tried the same approach for WSL 2.
The most important one is the one for my VM: \\wsl.localhost\Ubuntu

This is not working and doesn't exclude my project inside the VM from being scanned by Windows Defender.
Does anyone have an idea how to exclude folders / files from WSL 2 VMs?
My Windows Defender Exclusions

Burfi
  • 81

1 Answer

1

Turns out Microsoft has something called Credential Guard which uses virtualization-based security, e.g. using Hyper-V in Defender security scans. I cannot say how or why this got enabled on my machine, but it uses Hyper-V even though the optional Windows feature is disabled.

I only found this while trying to compare performance with a new virtual machine in Oracle VirtualBox. There, virtualization only worked with software emulation, because Hyper-V was active (Hyper-V must be inactive for VirtualBox native virtualization). Check this thread to analyze if Credential Guard is active and how to disable it: https://social.technet.microsoft.com/Forums/en-US/8a1f9ba3-9d6b-439a-99a7-f2c318169f9c/why-is-the-hypervisor-running-even-after-hyperv-is-uninstalled-?forum=winserverhyperv

I don't know how this "feature" got enabled. On a second PC with a fresh Windows 11 installation and WSL2 this doesn't happen. After disabling it, performance went to normal with Defender being enabled.

Burfi
  • 81
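
A read-only way to check the state the answer describes, as an added example that is not part of the original question or answer: it reports whether virtualization-based security and Credential Guard are running and lists the Defender exclusions currently configured. It assumes an elevated PowerShell session on the Windows host; the lookup tables and variable names are this example's own.

```powershell
# Added example (not from the original thread). Reads state only, changes nothing.
# Run elevated: Get-MpPreference hides exclusion values from non-administrators.

# Labels for the Win32_DeviceGuard status codes used below.
$vbsStatusNames = @{ 0 = 'Disabled'; 1 = 'Enabled but not running'; 2 = 'Enabled and running' }
$serviceNames   = @{ 1 = 'Credential Guard'; 2 = 'Memory integrity (HVCI)' }

$dg = Get-CimInstance -Namespace 'root\Microsoft\Windows\DeviceGuard' -ClassName Win32_DeviceGuard
$cs = Get-CimInstance -ClassName Win32_ComputerSystem

# Translate the running security services into names; 0 means "none".
$running = @($dg.SecurityServicesRunning | Where-Object { $_ -ne 0 } | ForEach-Object {
    if ($serviceNames.ContainsKey([int]$_)) { $serviceNames[[int]$_] } else { "Service id $_" }
})

[pscustomobject]@{
    # True on any host running WSL 2 (it needs the hypervisor), so on its own
    # this says nothing about Credential Guard.
    HypervisorPresent       = $cs.HypervisorPresent
    VbsStatus               = $vbsStatusNames[[int]$dg.VirtualizationBasedSecurityStatus]
    SecurityServicesRunning = if ($running) { $running -join ', ' } else { 'None' }
    CredentialGuardRunning  = $dg.SecurityServicesRunning -contains 1
} | Format-List

# Exclusions Defender currently honours, grouped by type, to compare against
# what was entered in the Windows Security UI.
$mp = Get-MpPreference
'ExclusionPath', 'ExclusionProcess', 'ExclusionExtension' | ForEach-Object {
    [pscustomobject]@{ Type = $_; Values = ($mp.$_ -join '; ') }
} | Format-Table -AutoSize -Wrap
```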