Idmap in samba3 -> samba4 environment

Hey,

None that I know of. Checking the demo system or any freshly-installed, Samba4-based one is what I’d have done, too.

If you’re not comfortable with removing it, then we could go down that other road, if you want. First let’s check if there’s an idmap entry for the OpenLDAP group ID of that administrators group:

ldbsearch -H /var/lib/samba/private/idmap.ldb xidnumber=5010

Next add the sambaSID attribute to the entry in the OpenLDAP. Save the following as add-sambaSID.ldif (change the DN to your actual base DN, of course):

dn: cn=Administrators,cn=groups,dc=some,dc=thing
changetype: modify
add: sambaSID
sambaSID: S-1-5-32-544

Now apply it:

ldapmodify -x -D cn=admin,$(ucr get ldap/base) -y /etc/ldap.secret -f add-sambaSID.ldif

Observe if /var/log/univention/connector-s4.log shows any errors about syncing that group afterwards.

Now change that idmap entry to point to the correct Unix group ID:

ldbedit -H /var/lib/samba/private/idmap.ldb CN=S-1-5-32-544

Replace xidNumber=3000000 with xidNumber=5010, save & exit the editor.

Restart Samba (or the whole server) — just in case.

Depending on the first ldbsearch I asked you about in this post and potential S4 connector rejects (see univention-s4connector-list-rejected), we may have to do some more work.

I cannot really test everything I write here before posting, especially the modifications. Hopefully nothing’s too broken :slight_smile:

mosu
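The two checks in the post above (is xidNumber 5010 already owned by some other SID in idmap.ldb, and does the CN=S-1-5-32-544 entry still carry 3000000) can be scripted rather than eyeballed. The following is an added example, not part of mosu's post and not Univention or Samba code: it parses captured `ldbsearch -H /var/lib/samba/private/idmap.ldb` output, reports whether the mapping is already correct, conflicts with another SID, or needs the 3000000 to 5010 change, and emits the LDIF that `ldbmodify -H /var/lib/samba/private/idmap.ldb` could apply in place of the interactive ldbedit session, plus the add-sambaSID.ldif from the post. The sample idmap record and the base DN dc=some,dc=thing are constructed for the example.

```python
"""Plan the idmap.ldb fix-up from the post (added example, not from the post
or from Samba/Univention).  Input is text captured from ldbsearch; output is
a status plus LDIF for ldbmodify, so nothing here touches a live database."""
import base64

# Constructed sample: what ldbsearch typically prints for the built-in
# Administrators group before the fix (xidNumber is the auto-allocated 3000000).
SAMPLE_IDMAP = """\
# record 1
dn: CN=S-1-5-32-544
cn: S-1-5-32-544
objectClass: sidMap
objectSid: S-1-5-32-544
type: ID_TYPE_GID
xidNumber: 3000000
distinguishedName: CN=S-1-5-32-544

# returned 1 records
# 1 entries
# 0 referrals
"""


def parse_ldif(text):
    """Return a list of records (dict: attribute -> list of values).

    Attribute names are lower-cased because LDAP treats them case-insensitively
    (the post writes both xidnumber and xidNumber).  Handles '::' base64 values
    and leading-space continuation lines; '#' comment lines are skipped.
    """
    records, current, last_attr = [], {}, None
    for line in text.splitlines():
        if not line.strip():
            if current:
                records.append(current)
            current, last_attr = {}, None
            continue
        if line.startswith("#"):
            continue
        if line.startswith(" ") and last_attr:      # folded continuation line
            current[last_attr][-1] += line[1:]
            continue
        name, _, value = line.partition(":")
        value = value.strip()
        if value.startswith(":"):                    # base64-encoded value
            value = base64.b64decode(value[1:].strip()).decode("utf-8", "replace")
        last_attr = name.strip().lower()
        current.setdefault(last_attr, []).append(value)
    if current:
        records.append(current)
    return records


def plan_idmap_fix(records, sid, wanted_xid):
    """Decide what the idmap entry for `sid` needs.

    Returns (status, ldif):
      'ok'       - already maps to wanted_xid, nothing to do
      'missing'  - no entry for that SID at all
      'conflict' - another SID already owns wanted_xid (this is what the
                   `ldbsearch ... xidnumber=5010` check in the post looks for)
      'fix'      - LDIF that replaces xidNumber, for `ldbmodify -H idmap.ldb`
    """
    by_sid = [r for r in records if r.get("objectsid") == [sid]]
    if not by_sid:
        return "missing", ""
    entry = by_sid[0]
    if int(entry["xidnumber"][0]) == wanted_xid:
        return "ok", ""
    if any(r is not entry and r.get("xidnumber") == [str(wanted_xid)] for r in records):
        return "conflict", ""
    ldif = (f"dn: {entry['dn'][0]}\n"
            "changetype: modify\n"
            "replace: xidNumber\n"
            f"xidNumber: {wanted_xid}\n")
    return "fix", ldif


def samba_sid_ldif(group_dn, sid):
    """The add-sambaSID.ldif from the post, for ldapmodify against OpenLDAP."""
    return (f"dn: {group_dn}\n"
            "changetype: modify\n"
            "add: sambaSID\n"
            f"sambaSID: {sid}\n")


if __name__ == "__main__":
    recs = parse_ldif(SAMPLE_IDMAP)
    status, ldif = plan_idmap_fix(recs, "S-1-5-32-544", 5010)
    print(status)          # fix
    print(ldif)
    # base DN is a constructed placeholder, as in the post
    print(samba_sid_ldif("cn=Administrators,cn=groups,dc=some,dc=thing", "S-1-5-32-544"))
```

In practice you would feed it `ldbsearch -H /var/lib/samba/private/idmap.ldb '(objectClass=sidMap)'` output so that the conflict check sees every mapping, write the returned LDIF to a file and apply it with ldbmodify; the status values map directly onto the "depending on the first ldbsearch" caveat in the post.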