The risk of using a third-party DNS provider is that the websites you visit are able to detect what DNS servers you are using, if they want to.
This means that someone could see that you’re “a Proton VPN user who uses NextDNS,” which is a much smaller group of people compared to “ProtonVPN users who use Proton’s DNS,” and therefore you stand out more and could potentially be tracked more easily.
On the other hand, a DNS provider like NextDNS can provide very meaningful privacy benefits, like the tracker/ad blocking and malware blocking features you mentioned.
Do the benefits that NextDNS provides you with outweigh the risk of potentially being easier to track? Only you can decide, really, but at least now you should understand the potential threat involved.
I do know many people who combine NextDNS with Mullvad, Proton, IVPN, etc., and I also know many who would not do that.