There is no way to be 100% sure, but if its actively supported and generally well known it tends to be OK. One place i like to take a look at for software is the Arch Wiki – it has lots of recommendations, but you should always do your own research as some of the recommendations/suggestions are unsupported.
As an Arch user, I usually obtain software from the Arch official repositories, and if it isn’t there i will go to the AUR. I know that is blasphemous to many privacy and security concerned people due to it being community run, essentially untrusted and whatnot, but i like the OS integration. Also, i always thoroughly vet the software before installing, choose AUR packages that many other users use, look at the AUR packager’s other AUR packages and read the PKGBUILD before installing.