If you want to scan for vulnerable packages you can easily enable it via /var/ossec/etc/ossec.conf. In section <vulnerability-detector> set the value <enabled>yes</enabled>.
There are 4 different providers available: canonical (Ubuntu), debian, redhat and nvd (Windows). Depending on you use-case you can set the ones you have in use to <enabled>yes</enabled>.
After this just restart Wazuh-Manager and you are good /var/ossec/bin/ossec-control restart.