It depends how you "move back to the blockchain".

You can deposit the coins to a lightning networking service provider or to an exchange which accepts BTCLN and can exchange it back to BTC. It depends on the nature of these providers if you are risk that they send "tainted coins" to you. Trusted exchanges and service providers normally don't do that but one can never be sure.

The other option is simply open a channel yourself to a Lightning node to cash out. In this case you may also end up with tainted coins: the node opening a channel with you may want to get rid of his tainted coins too.

The question is of course also what you want to do with the coins. If you want to eventually move them to cold storage (one can deduce that from your questions about sources of founds), then Lightning may not be the best option. But if you want to use the coins to buy things then I would simply deposit them to a Lightning channel and then use Lightning to make the payments.

Regarding CoinJoins, the main risk is that you end up with funds coming from few parties which want to get rid of tainted coins too.

Yes, perfect privacy is really complicated on BTC ... but for basic privacy I would simply use, as I wrote before, a mix of various methods, and splitting your funds to lower amounts so if you end up in some of your movements with tainted coins it doesn't affect such a large percentage of your coins.