Yes, the NXCOMPAT flag is turned on by the standard .NET language compilers since .NET 2.0 SP1.
ASLR is essentially automatic in .NET programs by virtue of the JIT compiler. Where it will place the JIT compiled machine code is unpredictable. Albeit that it will likely be repeatable on the exact same machine with the exact same revision number of the CLR and the exact same flow of the startup code and the exact same DLLs getting injected into the process. Not easily targetable by malware though. The ngen-ed .NET assemblies don't support ASLR afaik.
ASLR protects against known unpatchable security flaws. The security flaw has to exist first, uncommon in verifiable code.