I disagree unless OP’s threat model is particularly high. The norm on linux for ages has been community built and distro built packages. It’s only relatively recently that developers have started shipping their packages to users more directly. I would prefer an official version, but the Signal flatpak is well used and has a lot of eyes on it. I think it’s fine for most. Also see this relevant thread: Best way to install Signal on Fedora?
What kind of containers? Flatpaks are containerized by default and permissions can be managed using Flatseal. I don’t believe they’re particularly strong from a security perspective but I would expect them to be enough to keep your average proprietary apps away from important files etc.