I think you might need to set the option "allow limited, web only access" for unmanaged devices.
Guest users typically use unmanaged devices. To prevent them from accessing the site from the desktop the setting must be enabled. To enable it for just a subset of users and not for all users follow the link on the page or this link
However, regardless if they use the browser or the desktop they cannot download and save files. They can edit them in the app but are not allowed tot save it locally