Basically every antimalware program runs with administrator privileges (and "more", it runs in kernel).
Stripping avast addresses from hosts file is indeed part of the self-defense feature - malware can use it to disable some Avast functionality, to prevent being detected or removed.