The NoVirusThanks software are good choices, SysHardener should have a restore point or use of imaging software in case a rule breaks something in the system (happened to me). Same if one is using built-in Group Policy if you have paid Windows versions.
If one is patient and committed to keeping Defender enabled, I would maybe wait for developer Andy Ful to introduce his Casual User Protection for easier and more understandable security policies and restrictions. This, like many other software (VoodooShield, OSA, ConfigureDefender)) potentially has far less impact on one's system performance, much less bloat, and Defender's security is still enhanced.
Coincidentally I got an alert that CFA blocked cleanmgr.exe after installing Windows updates but cleanmgr still executed successfully without whitelisting. My view is that CFA alerts are not always accurate and can be sometimes be ignored. CFA does not kill or stop the work of applications. It...
malwaretips.com