Giddy

It’s true that payloads created by msfvenom will fail if used ‘as is’. But there is some sort of ‘post processing’ you can do to make them stealthier. Then it works; this was my method of choice here … and on other Windows boxes that use similar protections.

I learned it from an ippsec video of an HTB box that shares some features with Giddy.