Hi, Yeah at this time no one security scanner supports ObjectScript. There are a few reasons for it. 

At this time, the only tool closest to it is ObjectScriptQuality, which can scan for possible bugs right now. But can be extended for security scans as well. With proper funding, it's possible to do it there. But only as a scanner just for code.

Another way is to implement a very new especially for a Security scanning tool, a complete scanner for enironment.

If your company or other companies would like to invest in such a project, I can implement such tool.

docker-compose is just a wrapper around Docker. 

But anyway, I'm sure you can still use docker no matter what environment you have. As soon as you can run any virtual machine hypervisor, you can even use a separate machine from yours. Yeah, there are probably some limitations, but not sure if they are not solvable. I'm not a Windows user at all.

Since the beginning of the era of Docker, there was a way, named docker-machine, but I suppose it's not in development anymore.

There is a possibility to install client only on windows, and there was a way to connect it to any external docker server by setting environment variable DOCKER_HOST

Short answer, Yes. 

During docker build, just execute it, the same way, you doing anything when configure IRIS

While docker container starts, you can execute script, which will be called after start of IRIS

Just add it in the Dockerfile, trainmodel.sh, should contain iris session script to start model train

CMD ["-a", "/trainmodel.sh"]