While I would have the same reaction, in this case I think it is a sane decision. Ente is cornering the privacy market and I think they're doing a great job. They have a lot to lose (trust) and it would be stupid if they did something shady with the data entered in the 2FA app.
Not knowing them, how could OP trust them instantly? Whether they really have that trust or not, you have to know them for a while and from many different trustable sources. The story is a bit strange.
There are the issues of competence and track record, not only intent.
> cornering the privacy market
this seems self-contradictory
Sorry, English is not my first language and I tried to look clever.