I use Defender and manually scan everything I download (including client files, stuff from work servers, every single installer, etc.). It's been fine so far. I basically do the same thing on other computers as well, with the sole exception of signed packages from the package managers on my *nix boxen.
Other than that, I'm trying out NetLimiter, which is a very configurable firewall that can be set to ask you about every outgoing connection on your machine, including for OS services. It's a little weird on a studio computer because it causes a
significant DPC latency spike whenever it triggers a popup to ask you to allow/deny something....and it will pretty much always cause an audio glitch. It doesnlt seem to do that just from blocking something, but I might be wrong about that...haven't tested enough yet.
It's been rather interesting to see what it alerts on. I'm probably going to buy it when the trial ends. It's the same idea as Little Snitch on macOS.
I'm almost to the point of thinking that something like it is essential and worth the headaches (e.g., turning it off and disconnecting from the network when you're recording).
I do use a firewall though so I can track a bit what apps are calling outside.
Which one are you using, and are you blocking or just monitoring?