That is a good point. I’d point out that bridges have the same problem because Tor bridges don’t have the “family” setting mentioned either, and malicious normal relays have the same problem because they intentionally wouldn’t respect the “family” setting in the first place.
Still though, I wonder how many relays are operated behind a VPN. This issue could be further avoided by choosing a VPN which doesn’t allow port forwarding, like Mullvad or IVPN, because Tor relay operators couldn’t run relays behind those providers.