You may use Windows AppLocker or Software Restriction Policies (SRP) to prevent the execution of explorer.exe
and any other unwanted applications.
In Start Search type gpedit.msc and hit the Enter key.
Now navigate to Computer Configuration -> Windows Settings -> Security Settings -> Application Control Policies -> AppLocker.
Create a new executable rule to deny explorer.exe for all users except those who need access (e.g., administrators).
Again, open the Local Group Policy.
Navigate to Computer Configuration -> Windows Settings -> Security Settings -> Software Restriction Policies.
Create a new rule to disallow explorer.exe and any other unwanted executables.