To be secure you would HAVE to build and install it from source.
But then again your OS could possibly inject code to get the keys. Or a keystroke logger may have been installed.