On Signal you're encouraged to verify out-of-band (such as in person) with the "safety number", which allows users to verify each other's keys to prevent a man-in-the-middle attack. This way you'll notice if the initial key exchange has been compromised.
This is an incredibly complex problem and it really depends on the details: which keys are used and which are pinned, which keys the government has and which certificates it can and will issue itself, which clients it will backdoor, and where it will attempt a MITM attack if necessary.
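An added example (not from the original post, and not Signal's own code): a simplified Python sketch of why comparing a safety-number style fingerprint out-of-band reveals a substituted key. The hashing scheme, iteration count, identifiers and keys are assumptions constructed for illustration.

```python
import hashlib

ITERATIONS = 5200  # assumed work factor for this sketch

# Constructed sample identity keys and identifiers (not real key material).
ALICE_ID, BOB_ID = b"+15550000001", b"+15550000002"
ALICE_KEY = hashlib.sha256(b"alice identity key").digest()
BOB_KEY = hashlib.sha256(b"bob identity key").digest()
INTERCEPTOR_KEY = hashlib.sha256(b"interceptor identity key").digest()


def fingerprint(identity_key: bytes, user_id: bytes) -> str:
    """Derive 30 decimal digits from one party's identity key and identifier."""
    state = b"\x00\x00" + identity_key + user_id
    for _ in range(ITERATIONS):
        state = hashlib.sha512(state + identity_key).digest()
    # Six 5-byte chunks, each reduced to five decimal digits.
    chunks = (state[i:i + 5] for i in range(0, 30, 5))
    return "".join(f"{int.from_bytes(c, 'big') % 100000:05d}" for c in chunks)


def safety_number(own_key: bytes, own_id: bytes,
                  peer_key: bytes, peer_id: bytes) -> str:
    """Join both fingerprints in sorted order so each side shows the same digits."""
    parts = sorted([fingerprint(own_key, own_id), fingerprint(peer_key, peer_id)])
    return "".join(parts)


def numbers_match(key_alice_received_for_bob: bytes,
                  key_bob_received_for_alice: bytes) -> bool:
    """Compare what each device would display, given the keys it actually received."""
    alice_screen = safety_number(ALICE_KEY, ALICE_ID,
                                 key_alice_received_for_bob, BOB_ID)
    bob_screen = safety_number(BOB_KEY, BOB_ID,
                               key_bob_received_for_alice, ALICE_ID)
    return alice_screen == bob_screen


if __name__ == "__main__":
    # Untampered exchange: each side received the other's real key.
    print("untampered exchange matches:", numbers_match(BOB_KEY, ALICE_KEY))
    # Compromised exchange: both sides received a substituted key instead.
    print("substituted keys match:", numbers_match(INTERCEPTOR_KEY, INTERCEPTOR_KEY))
```

The comparison only helps if the two numbers are read over a channel the key-substituting party does not control, which is why in-person verification is suggested.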