You just answered your own statement below. Comodo, for example will ask for install, etc.
I don't think you understood the point I was making there because your response makes no sense.
You were complaining that programs can add themselves to the Windows Firewall's "allow" list. I responded trying to explain that with sufficient privileges, any program can make changes to the configuration of any other program (Comodo included in case that needs to be pointed out).
With good security come cumbersomeness. If one were to operate exslusivly with a white list only then those crap ransomware viruses wouldn't even be able to execute.
No matter the security product there comes some sort of cumbersomeness. Even having to use passwords becomes a PITA.
There isn't any stretch of the imagination whereby good security results in asking a clueless user technical questions. As I said before, it makes more sense for a security program to have an option (not enabled by default) where it asks more verbose questions like the sort Comodo does by default so that users who think that they'll benefit from that sort of thing can do so.
In my experience a program (which needs to listen to a port and respond to incoming traffic) will ask if it can add itself to the Windows Firewall exception list, and to add it requires elevated privs. I honestly don't see why most people need it to be any more complicated than that, and it's difficult to make it any simpler.