Possible solution: if all the tasks you want restricted user to run is on specific source documents, then you can place all these source documents in a seperate source folder (add a new one in QMC under System/Setup/Distribution Service/General/Source Folders). Add the restricted user as Document Administrator on this Source Folder.
A QlikView Administrator is exactly that, he can administer the whole of the QlikView service.
A Document Administrator is someone who can be permissioned to administer certain documents and who can not administer the QlikView service.
The role you are trying to establish does not fit into the model and in some ways doesn't make any sense. You are wanting a person who can administer SOME documents and NOT administer others, protecting those documents. But as a QlikView Administrator this person has the permission to do anything with the entire service including for example stop the service or even drop the reference to the folder that contains the documents he is supposedly not able to administer.
You maybe need to reconsider the scope of this role you are trying to define.