Yes of course until the CEO popped up and unilaterally banned all of Russia[0]. Or when they banned a crypto related domain on a single tweet[1] then unbanned it when people said WTF [2].
Blocking actual exploitative malware is a legal obligation, not "censorship." If they had a TOS that says "do whatever you want" then sure, but in this case they're just violating their TOS too.