Hi Hamza,
It is generally impossible to keep secrets 100% hidden in an untrusted environment. That is the reason that Microsoft, Apple, Google etc. spend a lot of effort on building a chain of trust starting from (trusted) hardware.
If you however trust the setup and administrators of the target Windows computer, and you are the only one with access to the account being used then you can be reasonable safe when using the approach in this wiki article:
https://github.com/rclone/rclone/wiki/Windows-Powershell-use-rclone-password-command-for-Config-file-password
You may also need the trick mentioned in this thread:
https://forum.rclone.org/t/the-configuration-password-cannot-be-read/34001