0.002 BTC sounds like the 2 factor security fee. This is collected once for every 20 transactions, i.e. the following 19 transactions won't have a fee.
Those 0.002 are charged from trusted coin.
You do have 2FA activated in electrum, right?
I very much doubt that this has anything to do with 2FA, as you can't use 2FA and Hardware wallet together in Electrum. The wallet is either a hardware wallet, or it is a 2FA wallet...
As the OP has specifically mentioned he is using a Ledger, then it cannot possibly be a 2FA wallet. It is just a coincidence that his "change" amount was 0.002 BTC.
I have seen in my recent transactions using Ledger+Electrum that it does indeed make you confirm ALL outputs (including change)... There was previously an "issue" when Ledger did the initial SegWit update where "Output #2" was showing up and that was supposedly patched... I'm not sure if this is a regression issue from later releases, or if this was deliberately done and is now "by design".