Is this a DRM thing, or more a general system integrity and security thing? (It's probably some of both.) I know it flies in the face of years of tradition in PC gaming, and there are definite downsides to this approach, and the implementation of this in Windows could certainly be better—but preventing users from modifying application files is both good for reliability (users can't break things as easily), and good for security (making it harder for a user to modify application files also makes it harder for malicious code acting as that user to modify application files).
Ideally, applications can support modding and lower-level configuration overrides (e.g. .ini files in C:\Users\<username>\AppData, etc.) through supported hooks/mechanisms involving files in the user directory rather than direct modification of the application package. (This is also where save files, user config settings, etc. should be stored—the ideal is a clean separation between user files and system/application files.) Of course, this requires the application developer to build this support in the first place, which they often won't for cost-benefit reasons. And even if they do build such support, it disallows types of mods that may go beyond what was anticipated by the developer. So there are certainly downsides to locking down the application files in this manner. But, there's a rationale as well that can be acknowledged.