There are three ways to limit the number of Exchange Online users that D&MCS is scanning
Limitation by disabling the Exchange Online users
The fastest way to remove selected users from scanning is to disable them from the scanning using Edit Source.
When a user is disabled in the source - the users data will automatically be deleted from the sources and the users will not be scanned again. This works for all types of authentication.
Limitation by Scope (only for Modern Authentication)
The D&MCS use Application Permission to scan Exchange Online. Application Permission can be restricted by limiting the application scope.
To limit the service account scope please refer to the Microsoft documentation.
https://docs.microsoft.com/en-us/graph/auth-limit-mailbox-access
Limit the number of users by scanning "Selected Accounts"
To limit the number of passed users simply go to edit the source and set the scanner to "Scan Selected users".
Be aware that if your users are already delegated to the Service Account (basic authentication), or you use Modern Authentication without limitation the D&MCS will still have access to the data but it will not scan the data.