Indeed currently one can connect through your server if they know IP/DNS and port number. However, at some point in the future we are going implement some sort of authentication. Not to be confused with authentication already in place called custom server security - that one is used for a different purpose.
It isn't the Agent that blocks input. It's Windows that doesn't allow a program with insufficient privileges to remotely control UAC.
The good news is that in version 6.9 we'll add an ability to run the Agent with elevated privileges (provided that you know remote pc local admin account password) and "convert" it to the Host, if necessary.
Actually, the callback connection became less important ever since we have introduced Internet-ID. If the remote user runs the Agent the tech/admin will immediately see that the Agent went online (provided its ID is added to their address book).
Notifying (calling) the tech/admin is another thing though. For example, the remote user may want to ask the tech for assistance and need some sort of an S.O.S button. We do have such suggestion on our wishlist and will probably add at some point in the future.
ESET still detects our program as "potentially unsafe", but we are implementing some measures in the upcoming 6.9 update to make the program less prone to false detections. Let's see if this will help avoid the false positives.