Hi Mohammad,
The MMA is not doing the scanning.
That's for collecting performance metrics and monitoring the Security Event logs.
It would be either the Qualys service you mentioned or Defender for Endpoints, depending on your selection.
Note that I also have suspicions about the Defender for Cloud policy not understanding the differences between the (newer) AMA agent and the Log Analytics Agent - not saying this is part of your problem but worth thinking about.
I have an on-prem Windows 2022 server using Arc with which I'm happy to do more testing for you. I don't have any VMs in Azure to save lab costs.
You should be able to go into Defender for Cloud > Workload Protections > VM Vuln Assessment - and choose to use Defender over Qualys.
Good Luck!