In answer to that:
I suspect that the risk is a mis-perception and that you may therefore be worrying unduly.
There is in fact little or no risk if software that you want to install
at install time also asks you if you'd like to install some other software (PUP = "Potentially Unwanted Program").
You can accept it or not.
PUPs are not viruses (at least, not yet, anyway).
If you have a decent AV program - I use MS Defender (Security Essentials) AND
MBAM (Malwarebytes Anti-Malware) - then they will in any event nowadays usually catch the PUPs and ask you if you'd like to delete them.
Even if you did
accidentally let a PUP in, you could uninstall it later, without difficulty. As I said, PUPs are not viruses.
I would quite understand, if one was of a nervous disposition, that PUPs might seem like a scary risk, but they aren't, so you would probably be advising your friends from a position of ignorance.
PUPs are usually merely annoying "push" apps -especially if they slip through without one's approval. I got a real PUP on an otherwise "clean" laptop last night - SysTweak (https://blog.malware...-with-5-star-awards/
I suspect it was either as a result of my 6y/o son downloading a game, or (more likely) a 4-hour Steam re-install and download of Fallout 3 (the original files had been wiped by a forced install of Win10-64 "Anniversary Update"). Anyway, this morning, MBAM found the PUP and I told it to delete it.
"The sky is falling down!", said Chicken Licken.