I am running Node Red in a Windows VM. It is only used for connection from local network. Also already added user authentication with the node-red-contrib-users node.
But now I want to implement some browser notifications and thus it seems I have to enable HTTPS access. I found some tutorial about this but they all refer to Pi/Ubuntu. Are there any tutorials for enabling this on a Windows machine? Will this also work for a local-only use (with access via IP, without domain)?
More and more common to require this for all sorts of reasons. And if using any kind of web service, even over a local network, it is best to use TLS.
Probably not, not a common scenario to be honest. Even Windows people generally run microservice architectures on Linux if they can. 
But if relying only on Node-RED's built-in web server, the process is the same as for Linux (the joys of working with something like Node.js) other than the locations of your 2 certificate/key files will be different. They need to be somewhere read-only to Node-RED. Node-RED should not be able to change them.
Not with any kind of validated TLS certificate, only self-signed since you cannot have a publicly valid certificate issued against an IP address. Self-signed certificates are a pain to work with these days I'm afraid as all browsers will complain about them unless you go to the trouble of creating a self-signed trusted root certificate as well (from which your actual cert is derived) and uploading it to all devices.
