by Zardoz84 18 days ago
> the browser's control over the button's label text, language, and appearance means it can trust the user's click as a genuine signal of intent.

Like we haven't seen fake download buttons imitating the legitimate button.


Prompting for installation opens a dialog controlled and populated by the browser that has the name and author of the app to be installed. You can test it on the example page here, linked from the article:

https://microsoftedge.github.io/Demos/pwa-install-element/in...

That doesn't prevent you from clicking a fake button imitating the good button.

Right, but it does gate the actual installation behind a secondary approval in a trustworthy prompt that the page author doesn't control. The page author could of course make a dangerous-but-trustworthy-looking app that would pass muster for the user's approval, but at that point it's not any different than social engineering the installation of any regular malware, e.g. convincing a user to download and execute a dangerous binary.