Pays your money, places your trust...
Same for many aspects of security & privacy, a lot comes down to who you can place some trust in to help keep your own stuff safe.
When using a VPN then do you trust the provider more than your ISP? Maybe, depends on your ISP and gov of course. More than "free wif-fi"? Almost certainly if its a half-decent paid provider. But in every case you would still use an encrypted link like https or SSH, wouldn't you?
When using any AV or end-point service capable of seeing inside your network and gathering data with admin privileges? It a much higher bar to meet, you really have to trust them to:
1) Not screw up and bork the OS
2) Actually stop malicious actors with a high probability
3) Not to leak your secrets deliberately or through incompetence