What apps are trusted?
So to work, it has to know which applications are allowed write to the trusted folders. I guess initially only the Microsoft ones, like MS Office. So a macro virus (or succesful phishing) targeting Word or Excel can bypass this easily.
By the way, this sounds like a limited version of Linux AppArmor.