1. Is there a way to resize the above vmdk to partition size without shutting down the server?
You can't shrink VMDKs, whether live or cold, only extend them.
2. What will be the best (secure) way to proceed?
The cleanest and simplest way would be: Attach a new disk to the VM, migrate your data, unmount the old disk from the guest OS, remove the old disk.
3. Is it correct that if current 400GB is on Thin provisioned vmdk the data store usage is equal to only actual VM(vmdk's and config) size? If the above is correct there is probably no need to resize vmdk because this VM will never use more than defined Windows partitions. Right?
A thin-provisioned disk grows in size if a block is written to for the first time. If you decreased the partition size in the guest OS, then under normal circumstances writes should never take place on this unpartitioned space. However, blocks that have been written to in the past will remain and continue to occupy physical disk space on the datastore (unless you write binary zeros to that space and svMotion the VM or similar).