It seems to me that the security mechanisms you described already exist. But Microsoft can't prevent the installation of legitimate anti-cheat software while still letting users install whatever they want to. It is a double-edged sword, one comes with the other. Users who seek this kind of protection (i.e., OS editor telling app makers what they can or cannot do) should drop Microsoft and switch to Apple.
Also, we should not confuse anti-cheat software with malicious software: if you purchase commercial software from an editor who wants to bundle anti-cheat technology in its product, this is not a malicious installation. The security mechanisms you described are aimed at preventing the malicious deployment of code in your system, not the installation of intrusive software on behalf of the consenting user.
Also, we should not confuse anti-cheat software with malicious software: if you purchase commercial software from an editor who wants to bundle anti-cheat technology in its product, this is not a malicious installation. The security mechanisms you described are aimed at preventing the malicious deployment of code in your system, not the installation of intrusive software on behalf of the consenting user.