Yes, with administrator rights you can do just about anything you want to do on that Windows computer, but these “things” will be detected when a malware/virus detector is run on the system. But with this new exploit the admin rights are used to install the malware under the linux subsystem whose processes are not currently monitored by many of the popular malware/virus detection products. This allows the malware to remain undetected and continue doing its evil work while your protection software still thinks everything is hunky-dory. These products will be updated shortly to monitor linux subsystem.
Ah, that makes sense, and I see the reason for concern. It’s one thing to have a problem, it’s another thing entirely to have a problem but not know you have a problem.