Tvheadend

You don't need to run tvheadend as root, you can start as root and drop privileges later.

Ok. I have to check. For me there is still the question what's the sense for this check. I dont see any. Without it I have even more choices on how to get port 554 used.

I had some time to dive deeper into the topic of privilege seperation. From my understanding, this would cause larger effort on changing tvheadend sources. Furthermore, it does still rely on starting as rooting, binding to port 554 and afterwards dropping root privileges. If this is not done appropriately, it might stil cause a security flaw. In addition, I cannot really imagine what is the correct point in time at which the privilege can be dropped, since the satip server can be reconfigured or being activated at any time.
So I still suggest removing the limitation to being root and staff the tvheadend binary with only that additional capability, e.g. by using sudo setcap CAP_NET_BIND_SERVICE=+eip /path/to/tvheadend-binary.

Have you tried port forwarding?

No, I have not. But I am sure it will work. Nevertheless, it is not a real solution but a workaround. I still don't see the sense of checking/forcing for being root just to start at a port below 1024.

For security reasons

Well, 'security reasons' are in fact the reason why ports below 1024 are privileged.
https://stackoverflow.com/questions/10182798/why-are-ports-below-1024-privileged
https://www.w3.org/Daemon/User/Installation/PrivilegedPorts.html
https://stackoverflow.com/questions/413807/is-there-a-way-for-non-root-processes-to-bind-to-privileged-ports-on-linux

Your request would be an exception from the rule, causing a lot of confusion for most part of the users and at last results in many support requests in the forum.

I do not want to give the whole tvheadend root privileges.

Do you have got an idea how many program do have root privileges during the boot sequence?