Would a Windows10-11 user be able to tell there are "rootkits" embedded in installations, without looking at the (optional) disclosures made available now on steam ?

In other words, what guarantee is there that if i'm buying a game from Steam, or say GOG, that there's no quasi-malware riding along with the game install ?