
This is my take as well.

You have a service that's installed for one-click operations from Brave customers that want to use their VPN. The VPN service doesn't run in the background post-installation and no tunnels are established.

I see the customer experience reasoning here. Can someone explain the actual risks - I'm not seeing any.



This is my read on the situation:

Unsolicited, a company, whether I trust them or not, has said "Hey, I'm gonna install this network interface on your computer. Don't worry I won't turn it on unless you tell me to, but if I do, then all your traffic will pass through me. It's there just in case you need it. But don't worry, I won't flip the switch until you tell me to. I can, but I won't. It's not a big deal. Trust me."

I'm really not keen on this. In order to install a service, Brave's update agent must have Administrator-level privileges on the system, which is how it is set up on the default system-wide install. I didn't install a VPN Provider when I installed Brave, I installed a browser. The action to, by default, add additional network interfaces to my machine, that, given that the updater has the permissions to install, also has the permissions to activate, could at any point send all traffic on my machine through that Wireguard tunnel that I did not knowingly authorize the install of.

We all assume risks when we install software made by other folks, regardless of whether we can view its source or not. We have to provide some implicit trust to the makers of software to make choices that are in line with our desires and interests as a result of that. For me, this is a choice that is in violation of that trust, and that's not acceptable to me.

I'm not sure I'm going to die on this hill, but Brave has certainly reached a new level of the trust thermocline, and like others, I'm going to be evaluating whether I keep their browser on my systems going forward.



