SYSTEM or LOCAL SERVICE or NETWORK SERVICE
what are the use of the above 3 and why LocalSystem account is (dangerous, don't use!)?
LocalSystem is dangerous because it is literally the account of the computer system itself. It has no restrictions. Everything that runs as SYSTEM is running as if the operating system itself is doing it. This means that 1) if the program does something wrong, it can destroy the system and 2) if the application has a vulnerability, an attacker can use that to execute malicious code with system permissions.
LocalService has a lot less permissions and has no permissions to use the network (or rather, it is anonymous which means on most networks it is not allowed).
NetworkService is similar in that it has a lot less permissions, but it can act on the network.
If you create things as system, be very careful. There are various windows attacks that abuse system permissions of badly configured apps.
If you run your exe from the command line, then it will run with your own credentials. Preventing a 2nd instance from running is simple. When your application starts, it can acquire a mutex of a given name (use a GUID for the name).
Here is an example of using a mutex.
https://learn.microsoft.com/en-us/windows/win32/sync/using-mutex-objects
From the documentation:
If the mutex is a named mutex and the object existed before this function call, the return value is a handle to the existing object, and the GetLastError function returns ERROR_ALREADY_EXISTS.
So you just have to check the error value to know if an instance is already running or not.