You are, again as many do, looking at the topic on a too narrow space.
I also love that you googled the topic and simply copied the first result you found.
First of all, those numbers aren't for servers, but the numbers in general. So the statistics you use are useless from a server's perspective, but I get your point there. (Actually not your point since you copied it)
Going by the fact that in general a Linux user has a higher understanding of the system is a bad approach.
This biases the whole result. You need to assume both sys admins have the same knowledge of their system.
But ok, your point is mostly about the number of viruses now. And I have pointed exactly that out. BECAUSE there are more Windows users, there are more viruses for Windows. This is NOT because of security or the understanding of the user. If you have a higher user number, chances are you will infect someone.
Having more viruses also means that it's more work for Microsoft to keep track of those and update their system accordingly. But the simple fact that many issues get fixed before there is even a virus for them speaks for itself.
Reading the article you are quoting from, they are talking about a lot of small differences which are partially wrong in the first place or ignoring a part of the actual process.
And the whole article more or less is only from a user's perspective.
The fact that "the first user is root" is actually true for both cases. Installing the minimal version of a Linux distro, the first user will always be root. You need to add other users manually. This is of course standard procedure. This not being standard in Windows has nothing to do with the system though, but with the user being careless.
Fewer people targeting a system or more careless users does not make or break the security of an operating system.
And those are exactly the core arguments you find when you look for "experts" saying their opinion.
And apparently that ".exe" files can just be run while Linux requires you to make a file executable first?
Actually this is not true. Windows only runs .exe files out of the box if they were signed by a trusted developer. If not, you will have to confirm. It will also ask you for admin permissions if those are needed even on the admin account (but technically you can avoid that using a certain PowerShell command).
On Linux you actually do not need to make a file executable first either. This is wrong. You can work around that. Quite easily. And if you are on an admin account, it will execute it as admin. Without asking. Ever.
Fewer attacks might be an advantage, but what happens if that suddenly shifts? Which happens only when there are more users using Linux. Which again means more careless users. See how this builds on each other?
Edit: By the way, I thought the same thing for a while. The person who changed my opinion was actually a now-graduated PhD student in IT security working for one of the most renowned IT-Sec professors in Europe, who is now head of one of the security departments responsible for devices of Siemens. Not that this means anything, but you told me to ask an expert.
Edit2: Oh yeah, Linux also doesn't have certain security-dependent certificates out of the box like ISO27001. This is technically possible, but much harder and more expensive to gain with Linux. And here comes knowledge into play: It is common knowledge how to achieve this on Windows, not on Linux, however. So much for the knowledge factor. This really depends on the area to be honest.