Do you think any of that is relevant to the case of buying a barebones PC that doesn't include SSD or RAM, then adding those components yourself and installing a non-Windows OS?
If your MSI motherboard is installing Nahimic without an internet connection, it is doing so through a mechanism where the installer is made available to the OS in an ACPI table that Windows checks. That check can be disabled with a registry key to prevent such software from being re-installed, and the motherboard may have a BIOS option to disable the anti-feature (though the registry key method is generally more effective, since BIOS settings often get reset to defaults).
Please don't ignore the points I've already made about how a firmware-based attack against a non-Windows OS is a lot hardware to pull off. I'm not asking if you think a company would be willing to ship such malware, I'm asking what kind of malware you think is realistically possible. What do you expect a UEFI-based malware to be capable of doing in this context, given the constraints of the hardware we're talking about?
If your MSI motherboard is installing Nahimic without an internet connection, it is doing so through a mechanism where the installer is made available to the OS in an ACPI table that Windows checks. That check can be disabled with a registry key to prevent such software from being re-installed, and the motherboard may have a BIOS option to disable the anti-feature (though the registry key method is generally more effective, since BIOS settings often get reset to defaults).