Windows Hello for Business PINs are device and user-specific and thus are not managed in any central way and also not changeable by anyone except the user. If the user needs their PIN changed, then they need to use one of the other methods to log into the same device and then they can change the PIN. If the password provider is disabled, then an admin will have re-enable it on that device first. Note that this is unrelated to Intune.
Information about how this provider can be disabled via group policy is at https://learn.microsoft.com/en-us/windows/security/identity-protection/hello-for-business/passwordless-strategy#excluding-the-password-credential-provider. For information about to disable it using Intune, see https://www.petervanderwoude.nl/post/excluding-the-password-credential-provider/