It is possible for the host machine to infect the virtual machine, its harder the other way round. Anyways, it is possible for the malware to record the screen and get your 12 word seed. Use one of your pendrives to run a live copy of Tails and you will be fine.

You can do whatever you want with the VM and the pendrive, just remember the 12 word seed. It is the most important thing in the Electrum cold storage. Pen drives can be prone to failure so I don't really recommend using them.