Would creating a new random seed through RNG (using dice and the wordlist) and using that as a test seed on 3 different devices with Electrum installed be enough? I'd use it as a "disposable" seed to check whether all 3 devices show up the same addresses.
Verifying the signature is all you need, because it would mean that this is the version reviewed by the open-source community. If you're paranoid about the developer going rogue, avoid downloading a fresh release, and read discussions about the wallet on multiple places, like this forum, github, reddit, etc. - if there is indeed something malicious in the official releases, someone would notice it and report it.
Your idea with testing for rigged address list is not bad in itself, it won't hurt to do it, but you are just testing against one of many possible attacks, so this alone is not a proof that a wallet is safe. A better way to test a new wallet is just put a small, but not too small, amount of coins into it and wait some time. This way you will cover a lot if not all possible hacking scenarios.
But really, being paranoid about small details isn't really good, it can actually distract you from real security/safety issues, like physical security, that is probably most often overlooked.