A misconception is that it’s possible to accurately determine whether something can or should be removed, when it’s usually impossible. The only thing that can uninstall windows software in general is the installer that installed it (if it’s correct), or a program that at least observed and recorded the installation of it. Any software that claims otherwise is lying, and at best it will fail and at worst it will make a mess of your system.
These days it’s more and more common to completely ignore the windows installer system and install per-user to app data, which has the benefit of allowing a better self-updating experience without elevated permissions, and lower risk of pollution of system files.
The worst offenders in my experience when it comes to traditional windows installers are those that are not using Windows Installer but instead simply act as scripts dumping files and reg entries without concern for transactionality, sharing etc. For example some flavors of installshield and similar.
The Windows installer system for all its flaws IS a pretty robust - but quite complicated - system for managing installs. The problem is that it’s either unused or misused, which is a consequence of it being too complex I guess.
On the flip side, this is a nightmare to manage as sysadmins, who try to maintain a tight ship using AppLocker polices. So many apps these days have a standard installer, but then they download an update and try to run the newer version from AppData, and of course, it gets blocked and we get calls from angry users saying that their app no longer works. Of course, we could whitelist the digitally-signed executable, but some apps aren't even digitally signed (or only partially signed), sometimes the digital signature changes completely... it's a mess.
Then there's the problem of dumping large binaries and entire applications into the AppData folders, which bloats up user profiles. This can be a bit of an issue with certain roaming profile systems like Citrix User Profile Manager, which by default works in a blacklist mode (ie, you have to explicitly blacklist paths that you don't want to roam). If you don't stay on top of this and add new AppData subfolders to the exclusion list, then you'll find all your large Chrome updates or whatever (with several versioned folders) all syncing back up to the profile server, wasting space, bandwidth, and increasing logon, backup, and AV Scan times. In a large organization with several thousands of users, this is a disaster waiting to happen.
Also, using AppData to store entire apps is just plan wrong - that's NOT what it was meant for. AppData was meant for storing app data, and the apps themselves are supposed to be stored in Program Files.
These self-updating apps are the worst thing that could ever happen in a corporate environment.
VB5 came with a built in installer generator - how did we regress from there?
And occasionally you run into issues with the MSI database corrupting, where you can't install/upgrade/uninstall something (we see this commonly with Adobe apps) , so you'd need to resort to third-party tools like MSI Zapper to get rid of all the references from the database. What a messy system.
I miss the days when programs used to use NSIS (Nullsoft) installers - they were tiny, and super easy to make and automate.