The built-in device compliance policy evaluates three things - whether the enrolled user exists, whether the device has a compliance policy assigned, and whether the device is active.
Under Compliance policy settings, you have the option to mark a device with no compliance policy assigned as "Compliant."
You can check the Built-in Device Compliance Policy to see if anything is being flagged. One possibility is that it has no compliance policy assigned. https://learn.microsoft.com/en-us/mem/intune/protect/device-compliance-get-started