Although this is similar to alerting when a user is added to a security group there are a few things that need to be changed.
Target: Windows Domain Controllers
Log: Security
Event ID: 5136
EventDescription contains: “Name of Distribution Group”
User added
EventDescription contains: %%14674
User removed
EventDescription contains: %%14675