Verify the download .zip file against he PGP. It shouldn't be "ran offline", but should instead by ran on an airgapped device, i.e. one which is offline and will never go online again, with all network cables unplugged and any WiFi cards removed.

Also realize that unless you are auditing the source code yourself, you are blindly putting your trust in a third party to create truly random keys, and not display pre-generated keys which they would then use to steal all your coins.

Your printer should be similarly airgapped as above, and should never again be connected to a computer which does have internet access. Most modern printers will also store a copy of recently printed documents in their memory, so a physical attack on the printer could result in your coins being stolen.