Goswin
‘Their own repo’ means you can download the app from their own server, and that it is signed by them, not by F-Droid people as it is the case with the official F-Droid repository, which is the main criticism made against using F-Droid.
For instance, you could use Obtainium with its F-Droid Third-Party Repo function to add the Threema repo:
https://releases.threema.ch/fdroid/repo/?fingerprint=5734E753899B25775D90FE85362A49866E05AC4F83C05BEF5A92880D2910639E
There are seemingly other issues with F-Droid as a whole, you can find more info there, although not everything is explained: https://discuss.grapheneos.org/d/14452-how-to-explain-why-accrescent-over-f-droid
I don’t have the technical knowledge to understand all the issues with F-Droid as a whole.
The one I would not recommend is this one: https://f-droid.org/en/packages/ch.threema.app.libre/, since it is not signed by Threema. By the way, currently, the latest version on this one is 5.6.1l, while the Threema repo has the latest version, 5.8.0l.
For most people, I’ll say that the Play Store route is deemed the safest, as long as you trust Google enough with delivering you an untampered messaging app.
If not on par with the Play Store, the Threema repo is the second safest, in my opinion, with the bonus of thinking less about what Google might be really doing…
Many people feel safer knowing their messaging app has nothing to do with Google; yes, that’s a feeling, again I don’t have the knowledge to objectively explain why the Threema repo would not be secure enough…
At this point, I’m like you… if anyone can chime in.