> You are essentially asking what is safer than running arbitrary code from the internet

No, I'm asking what is a safer method when I want to install some code from the internet.

> The OS usually has guardrails and logging and audits for what is installed but this bypasses it all.

Not everything is packaged or up-to-date in the OS

> My mom recently got fooled by a scammer that convinced her to install remote access software.

Remote access software are packaged in distros too.