I wonder, though, if you give your pass to a guest who is using win10 (unbeknownst to you) and your router is set to not allow win10 devices (is this possible? I'm not techie enough), would their win10 machine still save the pass and share it?
I don't know of any AP's that support this feature, but I'm sure you could have the router issue deauth packets to any MAC address that you've identified as belonging to a windows 10 device, that way it isn't able to communicate with any other devices on the node (e.g. for hacking purposes.) I suspect such an AP would exist, because I know that Marriot was using the same attack to prevent people from using their own private APs near their hotel.
As for how you might identify a windows 10 device to begin with, I wouldn't be at all surprised if any of its 802.11 frames included any bits that could be uniquely linked to that OS version. One way I could think of would be to look for MAC OUIs that are used on Lumia devices. It seems this feature is only for Windows 10 mobile devices, so that alone would keep out at least 90% of them.