I suspect the average person who installs apps outside of the play store is
still much more likely to be infected via malware that dodged the playstore's detection than the apps they install from other sources, because there's usually considerable trust involved with the other sources.
In particular they're usually f-droid and open source apps compiled by f-droid.