Add yaml setting for Windows Unrestricted execution policy

On Windows, it is very unexpected behaviour to not be able to run a .ps1 file on a CI worker.

powershell -c "Set-ExecutionPolicy -ExecutionPolicy Unrestricted -Scope LocalMachine" or similar, should be the default IMO.

But either way, there should be a yaml setting for this and it should be documented in the Windows config, so it can be done automatically in the build box init.

Then only people needing a less friendly CI worker can disable it when testing something where they need the worker to be as pristine as possible.