You're referring to [Sandboxing] Mandatory Access Controls [0]. Windows doesn't implement MAC in the same way, instead using Mandatory Integrity Controls [1].
Windows can implement these things as much as they like, but if you paste a command into CMD.exe, it can access your files with no popup like MacOS gives you.
In Win, access to files are controlled by ACL when NTFS is used (dating back to NT 3.1 with NTFS). So it depends on which user runs a process.
Basic hygiene is very simple: never run as Administrator. Create and use a regular user or poweruser group user. It's similar to a regular linux practice. Use Administrator account when needed only.
GP is talking about isolation inside the current user. Recent macOS versions ask before allowing a program to access files inside Documents, Desktop, etc. Whether that helps or not is debatable, but it’s not quite the same as what Windows ACLs do out of the box. To achieve the same on Windows, one would have to run the program as a different user to which they’d selectively grant access to the folders inside their profile.
It's not enabled by default, though. Enabling it by default would probably break just about every Windows program out there and like UAC on Vista, everyone would turn it off immediately.