What’s the risk if the software doesn’t work as expected after the change? If it’s high risk then I would suggest relying on a vendor statement would not be sufficient. If there’s no risk, then maybe.
Jumping from XP to 7 is a bit of a leap to only rely on the supplier declaration irrespective of risk. I’d think for basic business reasons, you’d at least want to do some kind of sanity check (testing).
If there are any customizations on top of the OTS part, then despite any vendor declarations, you may still have issues.
You should assess the risk, document it, and let that drive any subsequent validation actions.