The sources are available on github and I see no evidence of a logger. That's not to say the binaries aren't compromised, I have no idea. You should post evidence if this is really the case so people are aware.
source code could have clean, but we cant see what's inside compiled exe file.