If you have several programs that do a lot of ad-hoc or periodic accesses to the internet, being ones that could interfere with DAW operations, I would suggest dual-booting, as each OS can be independently optimised, and only include the programs required by each.
I set up mine be installing each OS on their own drive, with no others in the system. They share all the other drives. I use an Icydock MB996SP-6SB ToughArmor 6x 2.5" SATA HDD Hot Swap Mobile Rack, which allows me to swap OSs by just opening the door for the one I don’t want, but only when changing, as the system remembers where it booted from previously.
As for Defender, I find that it is fairly non-intrusive, as it tends to do its stuff during idle times, unless you initiate a scan.