Users assigned to this role are added to the local administrators group on Azure AD-joined devices.
This role is available for assignment only as an additional local administrator in Device settings. Users with this role become local machine administrators on all Windows 10 devices that are joined to Azure Active Directory. They do not have the ability to manage devices objects in Azure Active Directory.
Once the user is added to local admin group in Azure AD join device, they will be able ot install any apps in the device.
This role will work only for devices with join type "Azure AD joined" devices.
It will not work for devices with join type "Azure AD registered".
For reference, you can check below article,
Let me know if you have any further questions.
Please "Accept the answer" if the information helped you. This will help us and others in the community as well.