How to make ModSecurity unavailable for a certain user/domain so that user cannot manage ModSecurity settings?
Uncheck the Hosting settings management option under Subscriptions > example.com > Customize > Permissions.
Note: this option is responsible for other features too. Read more about this in Plesk Administrator Guide.
It is not possible to disable only ModSecurity for a certain domain without affecting other options that are implied by Hosting settings management