This is a problem with proprietary software markets in particular. You can largely escape this dilemma if you source your software from a free software distribution like a Linux distro, Conda, Pkgsrc, F-Droid, etc., because they have their own processes and standards for curating, vetting, categorizating and sometimes even patching software.

One of the reasons that desktop Linux has lagged with app sandboxing and binary attestation compared to macOS is that proprietary apps are marginal and few on most Linux desktops. Linux users are not choosing the bulk of their software from a giant pile of borderline malicious shitware like users of mobile apps generally are. (It's a good thing that Linux is catching up in this respect because some proprietary crap, like Discord, Google Chrome, VSCode, Steam, and Zoom, is extremely sticky for new users coming from proprietary operating systems where proprietary apps are the norm as well as strongly incentivized by powerful network effects. Vendors of such software have proven that they can't be trusted to follow reasonable conventions with DEB or RPM repositories, and Flatpak will suits untrustworthy vendors and other third parties better.)

> I can certainly see the argument that Apple isn’t going about handling this set of problems correctly, but ignoring it or pretending it doesn’t exist isn’t right either.

Apple is understandably prioritizing the realities of the ecosystems that the bulk of their existing users navigate, namely one of publishers selling software as commodities and services for financial profit. But it's not the only conceivable path forward because not all ecosystems of usable software are dominated by producers facing such incentives. You can answer the proprietary hellscape by stepping away from it instead of letting yourself be hampered by shit like this on your own machine.