I can't remember last time I even heard about a malware in someone else's Windows machine, let alone my Windows machine. I don't know what you mean by debugging installers.
Sounds like an outdated opinion. Just like those "lol PHP bad" regurgitations and linking outdated articles about it.
Also most Windows software is just taken off the web and installed with administrator privileges. Sure, there are package managers. In practice, they're rarely used on Windows.
From a technical standpoint, Windows isn't "that bad" at allowing malware. From a culture standpoint, almost nothing has changed since the 90s. Linux and Mac have a different culture.
They gutted the OS so much that users start disabling security features.
And don't get me started with atrocious window manager from macOS. Took a decade to improve it slightly. Still far away from some Linux DE and Windows. I don't enjoy having to buy apps to fix macOS. There are some open source tools for some things but for others it's cost effective to just buy.
