What about having to mark the exe as +x before Wine will load it? That's easily doable from any sane file manager and provides a good level of safety.. and Wine already does a good job of making sure installed programs get +x.
Wow it actually does, never noticed that up to now :O The problem would be with one of the more common use cases: trying to start/install a program from an optical disc. The files will not be marked +x and the directories will not be writable. This problem scenario is also rather specific to Wine; not an issue for KDE f.e. which yesterday had a related change committed: .desktop files have to be marked as executable to be run on click now. Lively discussion about that is still ongoing on kde-core-devel.
Apart from the install-from-cdrom issue, few users that have (been) switched from Windows to Linux will know how to chmod +x a file, so Wine would at least have to give them a hint (or even a button) to do it. But once it becomes easy, they will just get used to clicking it and not be consciously pondering if the action is safe or not. So while I think it'd make sense, I doubt it is a practical solution to require files to have the executable bit.
Maybe a better solution would be to introduce an optional dependency on ClamAV and tight integration with it - known malware could be filtered and distributors would have greater interest in contributing to continuous ClamAV signature updates..
regards marcel.
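
The check proposed in this thread, with the optical-disc case separated out, as an added example that is not part of the original messages and is not Wine's code. The enum and function names are hypothetical; the read-only test uses the POSIX `statvfs` mount flags.

```c
#include <stdio.h>
#include <sys/stat.h>
#include <sys/statvfs.h>

/* Hypothetical policy outcomes; these names are not part of Wine. */
enum exec_policy {
    EXEC_ALLOW,         /* at least one execute bit is set */
    EXEC_DENY_FIXABLE,  /* no execute bit, but the user could chmod +x */
    EXEC_DENY_READONLY, /* no execute bit and the filesystem is read-only */
    EXEC_ERROR          /* stat failed or not a regular file */
};

enum exec_policy check_exec_policy(const char *path)
{
    struct stat st;
    struct statvfs vfs;

    if (stat(path, &st) != 0 || !S_ISREG(st.st_mode))
        return EXEC_ERROR;

    /* Look at the mode bits themselves, so the answer does not
     * depend on which user happens to run the check. */
    if (st.st_mode & (S_IXUSR | S_IXGRP | S_IXOTH))
        return EXEC_ALLOW;

    /* Optical media are mounted read-only: chmod +x cannot succeed,
     * so a "mark it executable" hint would be a dead end here. */
    if (statvfs(path, &vfs) == 0 && (vfs.f_flag & ST_RDONLY))
        return EXEC_DENY_READONLY;

    return EXEC_DENY_FIXABLE;
}

int main(int argc, char **argv)
{
    static const char *msg[] = {
        "allow: execute bit set",
        "deny: no execute bit (chmod +x would fix it)",
        "deny: no execute bit on read-only media (copy the file first)",
        "error: cannot stat, or not a regular file"
    };
    if (argc != 2) {
        fprintf(stderr, "usage: %s FILE\n", argv[0]);
        return 2;
    }
    enum exec_policy r = check_exec_policy(argv[1]);
    printf("%s: %s\n", argv[1], msg[r]);
    return r == EXEC_ALLOW ? 0 : 1;
}
```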