There is not an existing report within Defender to collect the information or users that have Administrator privileges or the ability to assign / unassign tokens.
It is possible to view the permissions on the Defender OU within Active Directory Users and Computers, and view users that have been Delegated these rights.
This can be tested by creating a sample user with the rights being investigated, and then view the permissions on the Defender OU. The results on the 'Permissions' tab may be sorted by user.
As well, it is possible to browse to the Defender OU in Active Directory Users and Computers, then right click 'Properties' and select the Security tab.
Then click 'Advanced' and select the 'Effective Permissions' tab. The 'Select' option may be used to view the sample user's Effective Permissions on the Defender OU.