I think that also causes issues for roaming profiles and folder redirection. If roaming is turned on then everything in the %appdata%\roaming folder is synced to a server. %AppData%\Local is not. So if your app is using %AppData%\Roaming for temporary data then you are causing a whole bunch on unnecessary IO. Same for using Documents since that if often synced.
The problem is if anti-cheat does not have full access but the cheat does, the cheat can just hide itself. Same for anti-virus vs viruses. It’s particularly nasty on free-to-play games where ban evading really just means you have to get a new e-mail. It’s the same reason why some anti-cheats block running games in VMs. Is it fool proof? Hell no! Does it deter anybody not willing to buy hardware to evade VM detection or run the cheat on completely separate hardware? Yes.
Personally, I’d prefer having a stake/reputation system where one can argue that they can be trusted with weaker anti-cheat because if you do detect cheating then I lose multiplayer/trading/cosmetics on the account I’ve spent $80 USD or more on. Effectively making the cost of cheating $80 minimum for each failed attempt. Haven’t spent $80 yet? Then use the aggressive anti-cheat.