Option #2 does exist--it's called a subvendor ID and is part of the baseline spec for PCI (ie it's not an optional extension). To prevent the generic driver Samsung would need to provide a driver that matches the PCI device and subvendor IDs and Windows will opt to use this driver over the generic OS driver since it's a closer match for the device's IDs. Windows doesn't have a good model for blacklisting device IDs for use with generic drivers--the cases I can think of is where MSFT was aware of broken hardware prior to an OS release (and either blacklists in the inf file or puts a workaround in the generic driver).
With USB&USB2 the drivers were shipped earlier (in terms of common availability of driver vs hardware) compared to USB3 so right or wrong the hardware was designed/implemented to work with the Windows OS driver. MSFT was much more tardy on USB3 so vendors had to create & ship their own drivers and later could play with MSFT's driver. Having said that MSFT's driver has been out for awhile now so I don't know what is Samsung's excuse if this is newish hardware (rather than a new discovery of a hack being used on older hardware).