But if Microsoft has teams in China, Russia work on MS Teams, I will be very concerned. The same goes with Slack, that many companies now rely on to keep business going.
I'm very sure that Microsoft (and plenty of other companies including Apple) has teams in China, Russia and other countries to develop and update proper localizations for those apps.
If you have eng in US, having a decent chunk of it in China is much less threatening. For example, your internal controls can specify code review by american employees. Your key servers can remain in America or EU with stronger privacy protection regimes (not necessarily strong; just stronger than China).
This isn't perfect, but it makes subversion (1) more difficult, (2) probably more targeted (see eg Saudi Arabia using Saudi nationals employed by Twitter to steal identities of critics on Twitter), (3) more likely to be discovered.
My company's security model doesn't include the Chinese government / national security / military, but it could include the Chinese government giving our sales leads (which are evident if you can see our Zoom calls) to a domestic competitor. Broad exfiltration of data like that is much much harder if the engineering core is in the US or EU.