To be fair googling for an exe is even worse. At least the weird apt incantations can be easily audited and understood by a proficient user, whereas on Windows you're running a binary downloaded from the Internet that you know is going to ask for superadmin permission to do its thing.
A third-party repo is the same: it's also an "Internet binary".
The AUR is slightly different in that (usually, there are some binary packages) you could in principle check the sources and build process before building it right there and then installing to the system with elevated privileges.
