Oh, absolutely. There are some ways to avoid this--customer managed encyrption keys, for example--but there will always be some kind of trade-off. The less an EDR (endpoint detection & response) tool can see, the less useful it is. Going with a customer managed encryption approach means the customer is then on the hook for watching and alerting on suspicious activity. Some orgs have the capacity and expertise to do this. Many do not. It often comes down to deciding if you have a budget to do this yourself to a level you and an auditor/customer is comfortable with (and proving it) or outsourcing to a known and trusted expert.

EDIT: For additional context, I'd add that security/risk tradeoffs happen all the time. In practice trusting Huntress isn't too different than trusting NPM with an engineer that has root access to their machine or any kind of centralized IT provisioning/patching setup.