If you want to be secure, you should mod your install to get the newest W7 patches. Microsoft tries to limit them to paying businesses, but you can lie to their servers and get them anyways. They are still publishing security only updates in 2022, but it will at least buy you some peace of mind. Most businesses I know use either Kaspersky, which has a good reputation but might be backdoored by the FSB, or Sophos, which I’m not sure is very effective but should provide extended support for an older OS because of who most of their customers are. That said, I’m not sure you need it. Windows was full of holes even when it was patched, and a lot of the internals were reworked for Win8, so you might avoid backported exploits most of the time. If you’re using an updated browser, have AdBlock, and don’t go to strange websites or download weird files, then it’d be hard to infect you unless someone else on your network is infected. Personally, I’d switch to Linux in your scenario. Most games work with Proton. Most software works okay with Wine or has a decent alternative. Outside of video editing and CAD work you can probably get away with it, and be safer doing so. If you’re downloading malware-infected warez then you should definitely avoid Win7, or any form of Windows, and look at Linux.
Pretty sure Wine has options to limit exposure and failing that, you can always look at BSD jails and similar features across multiple distributions to provide a chroot or dedicated runtime environment for that program. Will require some know-how but you can sandbox basically everything you do so breaches can not spread. If you insist on running Windows 7 in 2022, use it as a normal limited user and not admin, use UAC to allow superuser access when required. That is more secure than running any Windows operating system as an admin. It is possible to sandbox a Wine installation inside Docker and this would limit the damage if a Windows malware was found inside a Wine instance. Although using Qemu to run a Windows 7 instance in a fast and stable virtual machine would be even better. Qemu works extremely well to run Windows in a VM. Networking is easy to use and this is preferable to running Windows 7 on bare metal. But it is nice to know that if you must run Windows 7 on bare metal, you can at least get security updates in 2022. Although this is only for business users. More information: https://docs.microsoft.com/en-US/troubleshoot/windows-client/windows-7-eos-faq/windows-7-extended-security-updates-faq.