Can I create an admin privilege for just one application?

"Yes, this causes a major security hole. If you have any bugs that allow arbitrary code execution or spawning of new processes then you have basically given the user full admin rights to the system.

I know you've said you can't change your software but if it's between that and a lost sale I'd strongly consider it, it's really not that hard to not require administrator rights.

What in particular requires the rights? Do you need to write to certain parts of the disk? Do you need raw access to a device? This would help clarify."

If the users are part of a domain, you can use a GPO to define a software restriction policy which allows only your application to run. Create accounts for the users and give them local administrator rights to the machines (preferably with this same GPO).

I think that PrivilegeGuard from Avecto should do exactly what you are looking for...it allows you to elevate the rights for a particular windows app, without giving full admin rights to the users. This all can be done for XP, Vista and Win 7.

This is absolutely possible, PowerBroker Desktop: Windows Edition allows you to elevate the rights of specific applications without elevating the user, you can define what additional elevation is given down to the SID(s) involved.

"I assume you are searching a low cost solution, but if you can't find anything that fits, you could try Universal Shield. It works by restricting access per application and not per user.
In terms of security, it's exactly what you need."