As a network and security engineer, I completely understand your team's concern. However, WMI is no less insecure than SNMP. Both offer protection against unauthorized access if configured correctly, and both are needed for Orion to pull information from a windows server for the "complete picture." SNMP is good for standard MIB2 data (CPU, Memory, Interfaces, etc.) and WMI is better for application data (DC services, etc.).
I would state that WMI is more secure...It requires username/password to access whereas only SNMPv3 requires credentials. SNMP is limited as well as deverts stated only pulling in basic information. Now that being said I believe there is more work to do from an overhead perspective by SolarWinds if WMI is used for all nodes.