There is no direct option in the detection policy; However, windows event viewer can be leveraged to indirectly achieve this. Basically, windows events are generated during a change in windows service start / stop.  Event 7036 is generated with a description, e.g.: staring and stopping the Application Information service generates the event:

The Application Information service entered the running state.

Similar events are generated for enabling or disabling an event. e.g.:

Event ID 7040 with the description:

The start type of the Print Spooler service was changed from disabled to auto start.

When event start type is changed.

____________________________________________________________________________________________________________________________________________

To achieve this, go to My Custom Rules -> Add a "NT Event" custom rule & edit it according the individual service monitoring requirement.

Here is an example that detects when ever The application information service enters the stop state. You may use the wildcard * in the Event patterns for ease of use.