I would be suspicious of a compiled binary designed to interact with our money. What API permissions are needed on the API key, and is source code available?
All API features can be enabled or disabled trough Bitstamp website (also when creating QR code), the app is primarly build to track the "walls" (Order book), check account's upcoming transactions and balance, not to interact with actual money (since this feature is disabled by default). Its up to user on which features he want's to have. This app works for Android 5.0+ so that was the cause of creating this app (the official one isn't working well).