The problem is in reality simple to understand ..

To give an image, actually the signature is just like a (Hash) of the message using the <pivate-key/address> factor, so signing message do not expose anything.. and if you trust your wallet software for managing your bitcoins you are very obviously able to trust it to sign a message!