Hardware protection - 2 Relays - only one can switch-on at the same time.

So much complexity. I would just use DPDT relay contacts on each relay and wire one normally closed and common contact from relay #1 in series with the coil of relay #2, and do the same for the other relay. That would override the controller's output signal and switching transistor and would allow only one relay to be activated at any given time, while still allowing both to be turned off. The break-before-make nature of relay contacts would make this a good simple solution.

Lefty