I can’t say I have tested this with BigFix v10 specifically, but generally it is possible to get very old bigfix clients to work, but only if you disable security features for the entire deployment that those old agents do not support, which is not recommended.
If you have older legacy devices that you have updated to the newest agent but there are no longer newer agents available from us for those devices because their OS is outdated, then you could split them off into a separate bigfix deployment that is only for legacy devices, but you are going to run into issues with that approach long term in terms of lack of security patches for the agents.
We tend to be very conservative about cutting off legacy OSes and tend to keep them around for long after their end of life.