I haven't tested it, but it looks good

Sorry for the ambiguity. The request was only about mentioning (bpX) for the first two choices, not to add more combinations.

Note: In vsd it must be restricted to the bp algorithms then

To test in gpgol after the fix (see T7836: GpgOL: Both disable and prefer S/MIME does not work):

1. Make sure you have both secret openpgp and smime certs for ted (both split S/MIME keys)
2. Deactivate "Always show security approval dialog"
3. Enable S/MIME and activate "Prefer S/MIME"
4. Kill background processes and restart Outlook (just to be sure)
5. Send an encrypted/signed mail form and to ted => should be S/MIME encrypted

Is the displayed version 4.0.0.260370 right for the appimage? shouldn't this also display the gpg4win version?

Looks good to me on gpg4win-5.0.1-beta24 @ archllinux:

The display in Okular is independent from Kleopatra, so dropping it in Kleopatra should be fine.
If a QES certificate is available, Okular should highlight and add a filter for them (which is currently not working, see T6632: Okular: Highlight / preselect "nonRepudiation" certificates for qualified signatures)

a) Here's a log anyway (ignore it, if decryption does always work):

@svuorela said, QES certs shouldn't be required to be on a smartcard.

In T6632: Okular: Highlight / preselect "nonRepudiation" certificates for qualified signatures I had the impression, that some hint is useful for signing operations. Probably not so much in general.