I've been asked to find a solution to change the local admin passwords on users desktops

We thought of doing a GPO, but we have found out that its not very secure as you can still find out what the password is by running a gpresults report

Is there a secure way to do this via

There is nothing built into ConfigMgr to do this securely or otherwise.

You should check out the Local Administrator Password Solution (LAPS) from Microsoft (https://www.microsoft.com/en-us/download/details.aspx?id=46899) or third-party solutions such as those from Lieberman Software. 

Also note that the functionality to set a password via group policy preferences is is insecure for other reasons namely that it is stored in plain text (the reason you've stated can only be done by a local admin so that doesn't make it insecure). This functionality should have been disabled in your environment though via an update Microsoft released a while back.

You can find a nice way to encrypt a Powershell script and deploy it to the computers to change the password.

http://fbinotto.blogspot.ca/2014/03/securely-change-local-administrator.html

The reason you encrypt the PowerShell is to make sure people can`t just open the on the file server or in the local cache to get the password.