Nah, stick with the built in Windows stuff plus a bit of good sense regarding how you use your device(s). The stand alone malware-bytes can be handy to clean off something if you've had a bad day and been foolish at any point. The alternatives are often so restrictive that they start to impinge on normal computer use, and they can slow things down a fair bit too. Anyone who is doing anything risky enough to bring the idea of a subscription malware service into play should take better steps to isolate their activities from their important stuff.
The three approaches to take on top of Windows Defender/firewall are:
1) Make sure you are using a NAT based router (though you should turn off any other 'firewall' protection on it as it doesn't help and often gets in the way, other than NAT and obviously wifi encryption which are essential).
2) Make regular system image backups to an external HDD which you can disconnect when you're not playing so safe. This can be done with the built-in W10 system image utility. Then you can wipe the system if needs be and be up an running again very swiftly.
3) This is the key - when you are handling things you know are risky, do so in a virtual machine. After the session, you simply delete the VM concerned. This will minimise the risks significantly.
Of course, if you're setting things up for someone who you know won't think things through before clicking, you may need to try to buy them some automated system. Just realise you will likely be called in to solve the problems those packages cause instead. Better that you keep a system image on hand to rescue them, so backup whenever you go round to give their PC the regular once-over.