FYI I found the issue.
The problem is the following setting which is part of the recommended configurations in the CIS benchmark for Windows Server.
18.8.21.2 (L1) Ensure 'Configure registry policy processing: Do not apply during periodic background processing' is set to 'Enabled: FALSE' (Automated)
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Group Policy{35378EAC-683F-11D2-A89A-00C04FBBCFA2}:NoBackgroundPolicy
Registry processing takes too long and the MpsSvc starts with the settings in the PersistentStore.
You can deploy the PeristentStore settings via the following registry key:
SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile EnableFirewall REG_DWORD: 0x0 (0)
17:41:36.9470338 svchost.exe 2000 2596 RegDeleteValue HKLM\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\EnableFirewall SUCCESS
17:41:44.6079838 svchost.exe 2100 3508 RegQueryValue HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\EnableFirewall SUCCESS Type: REG_DWORD, Length: 4, Data: 1
38724 [3] 0834.0DB4::10/18/22-17:41:44.6986418 [windows] dllmain_cpp1227 FwGPLockInternal() - FwGPLockInternal: EnterCriticalPolicySectionExStub returned 0000000000000000
38725 [3] 0834.0DB4::10/18/22-17:41:44.6986465 [lh] fw_prof_mgr_c2023 FwProfileMgrUpdateCachedPolicy() - Acquiring the GP Lock Failed... GP will not be pushed, until next GP notification (soon to come)
38726 [3] 0834.0DB4::10/18/22-17:41:44.6986473 [lh] fw_prof_mgr_c2027 FwProfileMgrUpdateCachedPolicy() - updateGroupStore=0