I think there are two critical things to understand about USB Defender:
The first is, USB Defender doesn't allow or disallow devices to work on a system in and of itself. All USB Defender does is improve the native Windows logging around USB devices, and add those logs (like the one you saw) to the Event logs so the LEM Agent can read the logs and send them to the LEM appliance for correlation.
Second, USB Defender notices and creates logs for ALL USB Devices. Keyboards, drives, etc.
LEM (by way of USB Defender) only looks for and takes action against devices that have the "Mass Storage" descriptor, like this one:
I also have a Western Digital MyBook plugged into the same system, and it does not have a Mass Storage tag. It shows up as a disk drive, along with my RAID and NVMe controllers. Obviously, having LEM disable or detach disk drives would be a bit of a problem. As wolram said, these tags are assigned (sometimes arbitrarily) by vendors, so not much we can do about that.