A good start would be doing what Microsoft already does for Edge's Password Manager. It separately encrypts the database with the user's creds and triggers a prompt for them when the feature is accessed. It doesn't solve all the attack vectors but it would be a good start.
https://learn.microsoft.com/en-us/deployedge/microsoft-edge-...
With Edge specifically its not really clear to me when the prompt is required but its at least sometimes as you can see here:
https://support.microsoft.com/en-us/topic/edit-your-password...