They can prevent that if they want to (there are tons of admin software to prevent users from install unapproved software on windows) so it really is a nonissue. The main issue is extra space, but that also isn't that big of an issue if the app is written well for updates and I don't know why that would be any more or less efficient when installed by "user" vs "admin"
While they could prevent it, that's not how. The software is never "installed". It's only unzipped to scoops install directory (usually home/scoop/...)
Then it adds the install directory to the PATH and it's done. The copied executables have never been marked as unknown by windows in my experience.
Admins could of course lock down systems to only allow executables with specific hashedls which are manually whitelisted by the admins, but just disallowing installs won't help at all
Disallowing powershell or scripting altogether makes it impossible to use as well.
