I'll answer these as best I can...
1. I've found this typical for a couple of reasons, systems are sitting on a shelf after getting the agent but, haven't reported in since then. Are the 20-33 systems laptops out in the field away from your network. Have you set up your system to work with an Agent Handler in your DMZ? What report are you running. If all 100 machines have the McAfee Agent on them and you are running a report related to Virus Scan is VirusScan installed on those other 20-33 systems? The answer really depends on what you are reporting on and you may have to look at the report to see what the criteria and/or filters that are set on those reports.
2. Can't help with the Linux side since we don't run that in our network
3. If you are referring to On-Access Scanning. Look to the High/Low Processes and customize these features for your network. Here is a link to McAfee KnowledgeBase - Understanding High-Risk, Low-Risk, and Default processes configuration and usage
4. If you have a task (which I assume is) a On-Demand scan then, you'll want to set that task to include the "Missed Task" option so, that when the computer is booted up at 11:30 it will fire off the task that you wanted to run at 10 that morning.