
If a user is tricked into running malware, that malware can apparently get to these keys. Whereas on macOS, if they were stored in the keychain, that would have been impossible.


This isn’t true. You have full access to the Keychain without any authentication via the CLI. Try it.


I have very little experience with the threat model associated with the macOS keychain and how its promises are enforced. A cursory look into its features reveals an export/import function for elements (except passwords) secured in the keychain. An attacker could just export the keys then.

The next question would be: does the keychain just hand out the keys to the application to be used? How would it ever identify a program as being eligible to receive a certain key? An attacker could just ask the keychain for the key.

A user is commonly able to read the process memory of any process running under his account. An attacker could extract the keys from process memory. And so on and so forth.

So you are very likely again where you were before: An attacker being able to execute code in the context of a user can steal his data. The only thing that varies is how much work it is.

In theory Apple may have exposed a security processor akin to a smart card with which Signal could generate public/private key pairs where the private key resides in the hardware and cannot be extracted. It does not appear the macOS keychain works that way.


It uses ACLs and access groups. So a malicious app should not be able to access keychain items for other apps. Sure, it might be possible to get the key out of process memory, but that raises the bar significantly for an attacker. Most infostealer malware is pretty basic, and just looks for files A, B, C, etc.

https://developer.apple.com/documentation/security/keychain_...


The CLI gives you full access to the Keychain with no authentication. Try it.


>If a user is tricked into running malware

...then it's over.



