"There are many jobs where the risk to a lone worker is deemed so high that two people must be present."
Lone worker / dual control / segregation of duties are done for lots of reasons, but it's hard to think of many examples where the plan is that if A goes out of control, B stops them by force. Dual-key systems for nuclear release control are deliberately designed so that if one person refuses the other cannot physically perform the launch, but that comes at the end of a system of checks and screening that simply wouldn't scale out to "everyone with a pilot's license". And the two launch controllers are armed, which makes the "B stops A" part rather easier.
In finance, it's common to have two people present when there's a lot of cash around, but that's about witnesses and audit, and is gladly accepted by the staff as it protects them as much as protecting the institution. Segregation of duties takes that a step further and prevents one person from raising purchase orders and paying the resulting invoice (the most common form of fraud in business). Lone worker systems for security guards, prison staff and so on are about protecting the safety of the worker.
Systems which start from the assumption that staff might commit immediately dangerous acts and need to be stopped by other staff are probably impossible to design in civilian environments. Aside from anything else, because it involves authorising the staff to (in the limit) use deadly force against their colleagues. Taken at face value, this case raises very difficult questions, and the old adage that for every complex problem there is a solution which is simple and wrong leaps to mind.