
Issue 820438

Issue metadata

Status: WontFix
Owner: ----
Closed: Mar 2018
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: ----
Pri: 3
Type: ----




All Stored Passwords Vulnerable

Reported by jonathan...@gmail.com, Mar 9 2018

Issue description

I happened to be looking at my saved passwords at chrome://settings/passwords and noticed that any and all passwords can be made "visible" by simply entering a Windows (or presumably whatever OS you are on) password.

This being the case, in a workplace setting using Windows, all that has to be done is for anyone who has access to the Active Directory settings to change your password to whatever they want it to be. They can then use that password to log into your account and access Chrome, which can then be used to view all stored passwords.

In other words, if I want to be naughty, I can change any user's password, log in to their machine, and know all of the passwords that they have stored... with very little effort...

There needs to be some sort of two-factor authentication that is required by default, at the least.

Please contact me with any response or ideas at rugersturm45@gmail.com

Thanks.
 
Components: UI>Browser>Passwords

If they can log into your account you have already lost the security battle.

The current requirement to re-enter your Windows password protects against casual attack on an unattended logged-in machine, but there are plenty of other ways to attack your Chrome passwords once they have your Windows login (installing keyloggers etc). TFA here would just give the illusion of more security.

And of course with access to the machine they can log in to those websites using the stored passwords anyway.
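The argument in the comment above rests on how the saved passwords are actually protected, which is worth making concrete. On Windows, Chrome at the time of this report stored each saved password in the `Login Data` SQLite file as a DPAPI blob (CryptProtectData in CurrentUser scope); later versions wrap an AES key with DPAPI in `Local State` instead, which changes the on-disk format but not the trust boundary. DPAPI decrypts for any process running in the user's logon session and never prompts for anything, so the re-authentication at chrome://settings/passwords is a UI gate in front of data the OS hands to whoever is logged on as that user. The PowerShell below is an added illustration, not code from the bug report or from Chromium; it uses only the .NET ProtectedData API and a constructed sample secret rather than reading Chrome's database, and the function names are my own.

```powershell
# Added example (not from the Chromium bug report or Chrome's own code).
# Shows the trust boundary behind Chrome's saved-password storage on Windows:
# DPAPI in CurrentUser scope decrypts for any process in the user's logon
# session, with no password prompt of any kind.

Add-Type -AssemblyName System.Security

# Chrome protects per-user; LocalMachine scope would let any account on the
# box decrypt, which is the other (weaker) choice DPAPI offers.
$scope = [System.Security.Cryptography.DataProtectionScope]::CurrentUser

function Protect-Secret {
    param([string]$PlainText)
    $bytes = [System.Text.Encoding]::UTF8.GetBytes($PlainText)
    # Same primitive Chrome used for the password_value column at the time
    # of this report: CryptProtectData under the user's DPAPI master key.
    [System.Security.Cryptography.ProtectedData]::Protect($bytes, $null, $scope)
}

function Unprotect-Secret {
    param([byte[]]$Blob)
    $bytes = [System.Security.Cryptography.ProtectedData]::Unprotect($Blob, $null, $scope)
    [System.Text.Encoding]::UTF8.GetString($bytes)
}

# Constructed sample secret standing in for a saved site password.
$blob = Protect-Secret -PlainText 'correct horse battery staple'
"Protected blob is {0} bytes; the site password appears nowhere in it in clear." -f $blob.Length

# Any code running as the same user gets the secret back with no interaction.
# This is what "once they have your Windows login" means in practice.
$recovered = Unprotect-Secret -Blob $blob
"Recovered without a prompt: $recovered"

# The boundary is the logon session, not a prompt. A modified blob fails the
# DPAPI integrity check, and the same Unprotect call from a different user
# account (e.g. started via runas) throws for lack of that user's master key.
try {
    $tampered = [byte[]]$blob.Clone()
    $tampered[-1] = $tampered[-1] -bxor 1
    [void](Unprotect-Secret -Blob $tampered)
} catch [System.Security.Cryptography.CryptographicException] {
    "Modified blob rejected: $($_.Exception.Message)"
}
```

Run it in a session belonging to the account that created the blob; the same `Unprotect-Secret` call on that blob from a second account fails. One caveat on the scenario in the report: for a domain account, DPAPI master keys are backed up to the domain controller, so saved passwords remain decryptable after an administrator resets the account password, exactly as the reporter describes. For a local account, an administrator reset (as opposed to the user changing their own password) leaves existing DPAPI-protected data, Chrome's included, undecryptable, which is why Windows warns about that reset.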

So every end user that works at any company has already lost the battle of security with stored passwords on Chrome? (That's millions of users.)

In other words, never store your passwords with Chrome because it cannot be trusted. Got it. Feature disabled!

Seems like we need a more secure way of handling these passwords to me.

Keyloggers are a totally different topic. In certain states it is illegal, unless a waiver is signed.

It's really about who you are defending against, rather than software. If you don't trust the people who have the ability (and presumably the right) to log in to your machine *as you*, then you shouldn't store on that machine anything you don't want them to see (Chrome passwords, and much else besides, included).

This is literally the only security issue I have on my workplace computer. There are certainly better ways to handle the passwords so that others cannot so easily obtain them. Perhaps don't make a page that lists all of them? What is the point in that?

Cc: vasi...@chromium.org
Status: WontFix (was: Untriaged)

I can second comment #2. If you don't trust your administrator, then don't store or even log in to the sensitive sites. They can install a keylogger or even something that looks like Chrome but in fact does something behind the curtain.

On top of that, I recommend activating second-factor auth where possible so that just a password isn't enough to log in.
