So the obvious solution here is...
For ANY OS or distribution:
1. Don't get your software from 3rd party websites. (Eliminates one obvious vector of infection.)
2. Stick to the developer's site or your distro's.
3. Download the desire of your heart.
4. Check it for nasties.
5. Assume your "secure" download has been got at and is fscked.
6. Wait for a decent while (this could be quite a long while in some cases).
7. Wait for the cries of anguish, articles on the reg, reports on developer's or distro's fora etc.
8. Only now recheck your download for nasties.
9. Install and keep everything crossed.
The paranoid will no doubt suggest further steps ....
10. Go back to using an abacus.