Some of these sound reasonable. For example there are un-patched minor Denial-of-Service attacks in both Windows and Linux, and I'd expect a pentest to report on those, even if there's nothing we can do about them (for example monitor, inform ops etc of the potential for said attack).

If OS detection is wrong (and its not a precise science), reporting on these is reasonable.