Postgresql – Restrict access for Windows administrator in PostgreSQL

No, there is no reliable way to prevent the local administrator (or a domain admin with the ability to grant themselves local admin on a machine) from accessing the raw PostgreSQL data files, starting/stopping the server, changing the service account password, changing pg_hba.conf so they can log in to the server, etc.

As stated in the comments, if you don't trust someone don't give them local admin.

Sufficiently strict group policy could be used to make it a lot harder - but in the process would render the local admin account effectively useless. It would be more typical to create accounts that are "nearly admin", ie they have many rights granted to them but are not local admins and are also quite restricted by ACLs and group policy. This is fairly typical in a corporate SOE, but requires advanced Windows knowledge to set up and won't work on a stand-alone desktop.

If you're envisioning some scheme where you install PostgreSQL on a standalone Windows computer - say as part of some application you're distributing - and stop the person who owns the computer from accessing it then you're totally out of luck. No hope. You can slow the user down a bit if you use an embeddable database that supports whole-DB encryption like SQLcipher or SQLite see, but even then a user with a clue and a debugger can still get in sooner or later, even if you try to add anti-debugger features to your application. PostgreSQL doesn't support in-application embedding or whole-database encryption, so if this is what you want you should look elsewhere.