1st (and 2nd) point states that "almost everything depends on programmers". We must trust them! .. And what if they went rogue - someone threatens them (mafia, government, ...) or they lose their head - they can introduce all kinds of problems - 1.1 exploits 1.2 different exe than given open source ...
This is a centralized systems' problem which means it only affects ethereum and not bitcoin.
Bitcoin protocol is defined precisely and any change in it has to be approved by the entire bitcoin network which consists of hundreds of thousands of both miners and full nodes.
On the other hand, any change in a centralized system such as ethereum only requires the owner's decision and then it is forced on the system. Such as the rollback a couple of years ago, also the forks they sometimes force without needing any consensus.
3rd states that there were cases in which big pools had >50% compute power .. I do not think that we have any protection against that right now? Or not?
We have, it is a "pool" not a "miner" that has X% hashrate. If the pool turns malicious or starts having high percentages the miners migrate to another pool.
Did anyone here try to compile the code? Did anyone get the same exe?
Good projects such as bitcoin core, electrum, and some others are using reproducible builds, which means anyone compiling the same source code will get a resulting binary that has the same hash.
Also even if exe how to be sure code is free of "unintentional" exploits or known "helpful" problems/bugs?
Again good projects are 100% open source and anyone can go through it line by line and many people have.
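
The reproducible-build check described above, as an added example that is not part of the original post and not any project's own tooling: it compares the SHA-256 of a locally built artifact against sha256sum-format manifests published by several independent builders. The artifact name, builder names and digests are constructed, and the quorum of two matching builders is an assumption.

```python
import hashlib
import re

# One sha256sum-style line: 64 hex chars, a space, ' ' or '*' (mode flag), then the name.
SUMS_LINE = re.compile(r"^([0-9a-fA-F]{64}) [ *](.+)$")

def parse_sums(text):
    """Parse sha256sum-format text into {filename: lowercase hex digest}."""
    entries = {}
    for lineno, line in enumerate(text.splitlines(), 1):
        if not line.strip():
            continue
        m = SUMS_LINE.match(line)
        if m is None:
            raise ValueError(f"line {lineno}: not a sha256sum entry")
        digest, name = m.group(1).lower(), m.group(2)
        # A manifest listing two different digests for one file is rejected outright.
        if entries.get(name, digest) != digest:
            raise ValueError(f"line {lineno}: conflicting digests for {name}")
        entries[name] = digest
    return entries

def compare_builds(local_digest, name, manifests):
    """Sort builders into those matching, differing from, or not listing `name`."""
    result = {"match": [], "differ": [], "missing": []}
    for builder, text in sorted(manifests.items()):
        published = parse_sums(text).get(name)
        if published is None:
            result["missing"].append(builder)
        elif published == local_digest.lower():
            result["match"].append(builder)
        else:
            result["differ"].append(builder)
    return result

def is_reproduced(result, quorum=2):
    """Accept only if no builder differs and at least `quorum` builders match."""
    return not result["differ"] and len(result["match"]) >= quorum

# Constructed sample data: stand-in bytes, not a real release binary.
NAME = "wallet-1.0-x86_64.tar.gz"  # hypothetical artifact name
LOCAL = hashlib.sha256(b"constructed build output").hexdigest()
OTHER = hashlib.sha256(b"constructed build output, one byte changed").hexdigest()
MANIFESTS = {  # hypothetical builders and their published manifests
    "alice": f"{LOCAL}  {NAME}\n",
    "bob": f"{LOCAL.upper()} *{NAME}\n",
    "carol": f"{OTHER}  {NAME}\n",
    "dave": f"{LOCAL}  some-other-file.zip\n",
}

if __name__ == "__main__":
    outcome = compare_builds(LOCAL, NAME, MANIFESTS)
    print(outcome, "reproduced:", is_reproduced(outcome))
```

A single differing builder fails the check here even when others match, because a mismatch means either the build is not deterministic or one of the binaries was not built from the stated source.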