I have verified the exe I downloaded, so it is basically impossible for me to use an infected client
Well, that's not completely true..
There are several possibilities how an malicious actor can modify your electrum wallet even tho you have verified the signature before and the .exe itself being the correct one.
These techniques include (and are not limited to) malware which is nested into your system and waits for you to open electrum.
Once electrum is opened, it hooks itself into the process and injects dll's to maliciously modify the creation process of your wallet.
This is just one example on how someone COULD foist one an 'infected client' without the client itself being infected.
I am not saying that this has happened. But it is definitely not
impossible. And also definitely more probable on a windows machine than on Linux/macOS.
Thank you, I agree with you, that's definitely a possibility.
But I can't find any information regarding Electrum wallet modification malware exists on the internet. If there is, someone should try to improve Electrum and prevent this from happening again.