Veeam used to make their own agent. But now uses Microsoft's own agents that they make specifically for this. So there isn't a Veeam agent anymore, but VMware makes one and Microsoft makes one.
In a situation like this one, the generic agent that needs to be installed on the guest (not the host) is called VMware Tools. If you don't deploy that, then you get the totally reckless straight snapshot behaviour from an "agentless" backup mechanism.
Even using the tools isn't fully safe unless you manually verify every workload. For example, most of my workloads aren't supported by the VMware Tools agent, and therefore, not by Veeam. I don't actually know any business bigger than a few people where the "agentless agent" fully supports their workloads.
But everyone does it because.... it's not ITs risk when the business loses data. They will just point fingers at the vendor and claim that they didn't understand how backups worked and their management will almost always believe that it is "too complex" for IT pros to have understood and accept that they didn't do their due diligence.