Groups should always have at least one admin.
Currently, that's not guaranteed because https://github.com/mlaa/cbox-auth/blob/master/includes/class-base.php#L355 doesn't check if there are other admins.
One possibility would be to use groups_demote_member() instead which returns false for admins.
We should probably still have a fallback hooked to the groups_demote_member action to handle cases where the group is admin-less and give it a placeholder admin or promote another member.
See also https://buddypress.trac.wordpress.org/ticket/7677