The original intent seems OK. Why the hell does this mechanism need the capability to execute arbitrary .exe files and not just load the most basic type of driver required (INF/DLL/etc. whatever Windows calls it)?
A DLL is also executable code; there's really no difference between that and running an arbitrary EXE. Inf files are slightly different, since they're just text-based configuration, but I doubt that you could get your theft-recovery (or whatever other) functionality using just configuration of something built-in.