There must be exclusions in Windows Defender before the Kernel Exclusions are added to prevent Agent instability/corruption.
There are multiple versions of Windows Defender and Kernel Exclusions should only be added for paths that currently exist/are in use in the environment.