That just means malware sites like download.com will tell users to add the download.com repository.
Without curation, package managers/app stores don't offer any additional security, but curation inevitably involves trusting somebody to make those decisions. Do you trust Microsoft to do that for most users?
Consider Chromebooks - one can unlock ChromeOS or replace it with Linux, but Google made it a rather scary-sounding process for an average user, so a malware site has very little chance to convince the user to do it.
ChromeOS isn't an open platform and Chromebooks are dangerously locked down.
Microsoft could solve these issues on Windows by forbidding software that they don't approve. It would undoubtedly improve the security of the platform. But it turns Windows into a walled garden instead of an open platform (consider - would Microsoft have allowed Firefox onto the platform? Unlikely.)