@Mr. Sajid Thanks for reaching out. As I understand from your problem statement you want to find a way which allows you to control the Application installations on windows 10 environment.
Currently Azure AD does not have this capability to provide that dedicated endpoint solution. In your particular scenario you will need to use Microsoft Endpoint manager (Known as Intune).
You will need to enroll your devices (Windows 10) to Intune and then apply policies to control the behaviors.
For whitelisting Application on windows 10, you can deploy App locker configuration files from Intune service which allows you to control/block the execution of any software on windows 10.
You can read more here : https://www.vansurksum.com/2020/02/24/a-guide-to-implementing-applocker-on-your-modern-workplace/
-----------------------------------------------------------------------------------------------------------------
Please remember to "Accept Answer" if any answer/reply helped, so that others in the community facing similar issues can easily find the solution.