Always do one of these:
  • Build the software from source
  • Download the binaries from the software repository and verify their GPG signatures and checksums
  • Install it using your OS's native package manager from its trusted package repositories
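
For the second option, the order of the checks matters: verify the signature on the checksum manifest first, against a fingerprint you obtained out of band, and only then compare the file's digest with the manifest. The script below is an added example, not part of the original text; it assumes GnuPG and GNU coreutils, and the function names, file names and arguments are constructed for illustration.

```shell
#!/bin/sh
# Added example: verify a downloaded binary before installing it.
# Assumes GnuPG and GNU coreutils (sha256sum); all names here are constructed.

# status_ok FPR: read `gpg --status-fd` lines on stdin. Succeed only if the
# signature is GOODSIG (not emitted for expired or revoked keys) and a
# VALIDSIG line names FPR as the signing key or its primary key.
status_ok() {
    awk -v f="$1" '
        $1 == "[GNUPG:]" && $2 == "GOODSIG" { good = 1 }
        $1 == "[GNUPG:]" && $2 == "VALIDSIG" && ($3 == f || $NF == f) { pinned = 1 }
        END { exit !(good && pinned) }'
}

# check_sig MANIFEST SIG FPR KEYRING: detached signature over the checksum
# manifest, checked against a dedicated keyring (give a path containing a
# slash) and a pinned fingerprint (40 uppercase hex digits, no spaces).
check_sig() {
    gpg --batch --no-default-keyring --keyring "$4" --status-fd 1 \
        --verify "$2" "$1" 2>/dev/null | status_ok "$3"
}

# check_sum FILE MANIFEST: the manifest (sha256sum format, names without
# spaces) must list FILE's basename, and the digest must match the file.
check_sum() {
    name=$(basename "$1")
    want=$(awk -v n="$name" '{ f = $2; sub(/^\*/, "", f) }
                             f == n { print $1; exit }' "$2")
    [ -n "$want" ] || { echo "no entry for $name" >&2; return 2; }
    got=$(sha256sum "$1" | awk '{ print $1 }')
    [ "$got" = "$want" ] || { echo "checksum mismatch: $name" >&2; return 1; }
}

# verify_download FILE MANIFEST SIG FPR KEYRING: signature first, so the
# digest being compared is one the publisher actually signed.
verify_download() {
    check_sig "$2" "$3" "$4" "$5" && check_sum "$1" "$2"
}
```

A plain `gpg --verify` succeeds for any key present in the keyring, which is why the example pins the fingerprint and uses a keyring that holds only the publisher's key.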