Same as everything you use on your computer... If it's not open source, it's already game over. If it is, congratulations, feel free to inspect all the code yourself and build from source OR trust the project maintainers and use prebuilt binaries.
Applies to this program no different than your Linux distro.
Of course there could be other tools that can help verify things such as checksums on reproducible builds.
If none of that is "usable" enough for you, feel free to set up your own tooling and automation.
Thank you. That's my point. There is no point in stating that some open source code is somewhat safer because "it can be audited". No. As you said, it's the same as everything I use on my computer. Unless we can establish a consistent safety level for certain types of projects, we can't claim an arbitrary category of software is somehow better.