You're arguing the malware risk from notepad++ created and run by Don Ho for over 22 years is comparable to that of new, fake notepad++, vibe coded and run by a guy whose main claim to fame is a marked ignorance of norms around software development?

You'll have to let us know how you reached that conclusion.