Effectively this is done as a POC; don't expect any security on a machine running Windows 2000 nowadays.
Regarding legality, I hope that Microsoft doesn't claim any rights, since the Windows 2000 image has been published in WinWorld for years without issues.
Well, they seem to add VNC and netcat shell listeners to the startup scripts, so it is kind of backdoored on purpose already, outside of what's in the ISO.
During the installation I add Netcat to have a bind shell; this way you can get a CMD shell from Linux using the "vmshell" command included in the image.
So yes, technically it's backdoored but only for yourself :)