In the past anything that worked was good enough. Well that hasnt changed much but our options have. Is there a 'silver bullet' that can save me from everything, no. Here are a few options:
Windows 10: The built in AV is actually pretty good. Make sure you turn on the 'Cloud-delivered protection' option. This will send files it donest know about up to Microsoft's 'sandbox cloud' to detonate it and see if its malicious.
Immunet: This is the free version of Cisco's FireAMP enterprise product. You dont get all the features, but you get unprecedented protection. This is more of a cloud based solution, so an internet connection is preferred. The agent sends the files finger print called the hash to the cloud to see if its malicious or not. If it doesnt know the hash, it will upload the file to 'detonate' in their sandbox and provide the verdict.