For this app, I suggest bundling it inside and app bundle. The UI of the bundle doesn't have to do much. Maybe it can install itself, uninstall itself, or repair itself. This is more of a social problem rather than a technical one. Apple requires the user go to System Preference to enable Full Disk Access. Therefore, Apple has inserted the user into your app. You have to account for that. You need to have an app that the user can find, with a nice icon, and manage by copying it to the Applications folder. Your UI can do all the heavy lifting internally to install launchd daemons, etc. But now you have to deal with the human and make it easy for them to use your app, or even just find it System Preferences.
Going forward, you might want to review exactly what kind of software you are developing, and for whom. I always ask people, how would your app work on iOS? That is the future you need to plan for. Apple keeps adding these security hoops with each iteration of the operating system. If you have existing users invested in your product, you can contact them, update the app, etc. and help them manage the changes to the operating system. But these changes may constitute an insurmountable barrier to any new customers. End users simply don't know anything about security restrictions, full disk access, sandboxes, nothing. When it breaks, doesn't work, or they get confused, they are going to blame you, not Apple. There are many old-school Mac utility apps that will simply not be viable in the future. They are going to go away. The future is an iOS future.