Hi Rousch,
KB5022661 is not a normal standalone fix you install on Windows Server 2008 R2. Microsoft’s KB5022661 article says that for Windows 7 SP1 / Windows Server 2008 R2 SP1, Trusted Signing support is provided by KB5006743 (Monthly Rollup) or later, or KB5006728 (Security-only) or later.
So on your Server 2008 R2 box, the important check is whether you have a 2021-10 update or newer from that line, not whether KB5022661 itself appears in the Update Catalog. KB4490628 and KB4474419 are useful prerequisites, but they are not the final requirement for Trusted Signing support. Microsoft also notes that machines must have the Microsoft Identity Verification Root Certificate Authority 2020 root certificate available. If the server is offline or auto root updates are disabled, that certificate must be installed manually.
One more practical point: Windows 7 SP1 and Windows Server 2008 R2 SP1 reached extended support end on January 14, 2020. So if your antivirus vendor is asking for "KB5022661" specifically, that is likely a vendor-side requirement written for newer Windows versions, not a package you can directly obtain for 2008 R2.
The best next step is to install the latest available Server 2008 R2 rollup/security-only update from that Trusted Signing support line, then verify the root certificate is present, and finally check with the antivirus vendor whether they support Server 2008 R2 at all for the new build.