Hi Tsvetelina,
The released version of Workflows no longer had workflow-specific security rights. In the earlier betas it was found to be confusing, and a common source of data access errors (user roles that would have access to the workflow, also implicitly needed access to entities and possibly microflows, or otherwise could encounter errors when using the app).
If you need to control who is allowed to start a workflow, it’s easiest to create a microflow and configure the access there (and/or, if needed, filter access further inside that microflow based on the current user).