Yup pretty much came to the same conclusion:
solved-how-to-make-windows-defender-to-update-automatically <-- Server 2008 R2, this uses: C:\Program Files\Windows Defender\MpCmdRun.exe
I'm going to blog about the steps in detail here. Please note, my website is 100% free, no ads, donation based. Also note, my steps are detailed steps for deploying a script via GPO and the script is run and managed using a gMSA. This is NOT trivial, but I felt it was decently secured.
Thanks for your help. Wow.... Just noticed Adam the WSUS MVP himself is following this question. :O