-snip-
This is correct. 2FA with an authenticator will not work here in the way OP wants it to.
Authenticators are based on a shared secret. Whenever you enable 2FA on a site, service, exchange, etc., the site in question gives you either a QR code to scan or a string of characters to enter in to your authenticator app. That is the shared secret. Whenever you go to log in to that site in the future, your app uses a hash of the shared secret and the current time (usually floored every 30 seconds) to generate your one time code. The site in question performs the exact same calculation and ensures that the values match.
To enable 2FA on your wallet (without involving a third party in a multi-sig arrangement, such as with Electrum and Trusted Coin), then your wallet
must store that shared secret to ensure whatever code you enter is correct. Therefore, if someone steals your wallet file, they also steal your shared secret, which negates the entire point of it in the first place.
Speaking more generally, 2FA is designed to require something you have (the app on your phone) and something you know (your password) to enable you to log on. In terms of accessing a wallet, this is achievable using a hardware wallet with a passphrase, or an encrypted airgapped wallet. To access your wallet, an attacker needs something you have (your hardware wallet or your airgapped device) and something you know (your passphrase or decryption key).