Back when I was writing a vertical market solution, I had my bound solution install into the Program Files directory.
Never had any issues with access or permissions.
I created a sub folder so I could always pull data forward when distributing a new version.
then the next version would install to
This way I could script the import during upgrading.
One should not be relying on the installation location for any level of security for either the files or the data they contain.
Installing in My Documents is fine as long as the appropriate security for the data is managed by FileMaker's security settings, both within the local file and, when accessed, by the FM Server security settings.
There is a recent addition to the Technical Resource Center on this site with a document worth reviewing:
"New! Security Guide for FileMaker 13"