Don't rely on AV, it will only keep you safe from bottom of the barrel low effort attacks. Most of the work that goes into securing your computer, accounts and identity is knowledge of the threat landscape, monitoring , vigilance and precaution (e.g. recognize potential threats, plan your security based on who they are. Run unknown programs in a isolated VM. Don't open documents from the internet. Compile shit yourself. Check for strange registry keys/files/processes).

This is advice looked down upon, but running a lesser used OS like a linux distribution will greatly reduce your chances of attracting malware. Simply because the vast majority of malware targeting users (not IOT, servers, etc) is infecting Windows or MacOS (that's where the users are). If you go this route, still use all the previously mentioned advice (besides AV. There is no good AV for linux, and it is not needed).

That said, for Windows, Defender or Malwarebytes is all you'll ever need (don't purchase a premium AV product).