There have been two reports now from users that the configuration dialog cannot be opened and that decryption of messages failed. The underlying cause is a Microsoft Defender rule that blocks CreateProcess calls. I believe it is https://learn.microsoft.com/en-us/microsoft-365/security/defender-endpoint/attack-surface-reduction-rules-reference?view=o365-worldwide#block-all-office-applications-from-creating-child-processes
In this case we should handle the error and probably show a MessageBox with at least some information pointing administrators to the possible source of the problem. GpgOL uses GPGME Spawn Engine for that and the decryption failure with Unsupported Protocol also comes from GPGME so maybe GpgME's w32-io spawn would be the best place for such an error handling. Though we need to check which return code occurs in case of such a blockage.