I just had a very quick look at the code and stumbled upon this:
https://github.com/Lymphatus/caesium-image-compressor/blob/master/updater/src/updater.cpp#L13
I’m not well versed in QT but this looks a whole lot like it’s downloading updates over plain HTTP, which is slightly less than optimal for security. It might not be recommendable to use this software until this is fixed.