Microsoft Defender (aka Windows Defender) comes pre-configured on Windows Server 2016 and Windows Server 2019 to provide standard antivirus (AV) scanning and protection by default. However, in case, if it is not installed then you can add it by using the Add Roles and Features Wizard.
Different versions of Windows may have slightly different steps to access the Microsoft Defender settings. These settings should be available through the "Update & Security" section in the main Settings app, searching for Windows Security or Windows Defender in the start menu, or by searching directly for virus & threat protection.
For example, if you want to check if your server has a virus, you can open Virus& threat protection to start the scan for full server
Note: If you want to do a full scan, please click Scan options to choose Full scan.
Microsoft Defender Antivirus collects underlying system data used by threat analytics and Microsoft Secure Score for Devices. This provides your organization's security team with more meaningful information, such as recommendations and opportunities to improve your organization's security posture.
The answer is, of course, yes! It can be a good idea to get another antivirus solution because blocking malware and viruses should just be one part of your threat protection. Today's cybercriminals are using elaborate ruses to try to access your personal information, such as your bank and credit card numbers.
Note: Microsoft Defender will continue to provide passive scanning capabilities even if a third-party AV is installed. If you installed a third party AV, Windows Defender cannot be re-activated as the default AV for your system. You must uninstall any third party AV before Microsoft Defender can be used as the default AV again.
If you install another antivirus product, Microsoft Defender Antivirus automatically disables itself and is indicated as such in the Windows Security app.
Limited protection against advanced threats: While Windows Defender is effective against common malware and viruses, it may not provide adequate protection against more advanced and persistent threats, such as advanced persistent threats (APTs) or ransomware.