Is a very good idea, I would find it easy to do, since one could work with the EXE ACL replacement, with detected applications, for an group or specific Windows User I've good ideas for it, can detect all applications list, and get an lock based in the exe path, for an specific application without run any file...
You can also lockdown software using Software Restriction Policies in the Group Policy Editor edit Applocker is using the same method so it will be restricted to Ultimate and Enterprise
I have installed this and tested on Windows 7 X64 Ultimate and works as it should, I have not found any issues as yet
Another thing you need to check, on windows 7 It is not running in the background after reboot. Again not issues with win XP