It's probably good for now, because Bitcoin-stealing malware isn't very sophisticated yet: it's mostly clipboard adress-replacing trojans, fake wallets and malware that steals wallet files and tries to decrypt them later or hopes for unencrypted files. However, there's always the risk of more serious malware that tries to steal your keys from memory when they are briefly decrypted, keyloggers that steal your wallet file and wallet password and so on. Virtualization might be not good enough, if I'm not mistaken vulnerabilities like Spectre and Meltdown can bypass them.

If you can't afford hardware wallet or dedicated device for cold storage, you can at least get a flash drive, install some secure OS on it (I'm using Tails) and boot your PC/laptop from it, and preferably disconnect other drives beforehand. This will allow you to sign transactions offline in an even more isolated environment than virtual machine.