Debug is set to false so that information can't be seen in errors that might include your database username or column names that a hacker could potentially use. It should always be set to false in a live environment and since most people wouldn't know where to change it after finishing development, it is defaulted to false.
Change it to true temporarily when you want to see more information about an error, but it should remain on false whenever in a production environment for security.
Prepared is set to true because it ensures SQL injection protection. There is SQL injection protection that I added when not using parameterized, but it is mine and not the built in MySQLi protection which is more tried and true. Setting it to true is actually probably a bit faster, but probably negligible unless you have a very high load on your server.
You can set a default for what to use when a parameter is blank. It has values like "WA_NULL", "WA_BLANK", "WA_ZERO", "WA_DEFAULT" or you can set it to a string. This just allows you to set a default other than blank when a blank value is entered. If the default is set to "WA_BLANK" then the blank value is maintained.