
With a PPA you can't upload binaries; you upload sources that can be audited, and Canonical builds them.


I strongly suspect they don't audit the sources.


They're not saying that Canonical audits the sources. They're saying that because the person running the PPA uploads the source and Canonical's servers build the packages from there, as long as you trust Canonical you don't have to worry about the binary matching the source. For the majority of us who aren't qualified to audit the source itself directly, being able to trace the binary we're running to source that someone could audit is the best we can hope for.

Of course in the years since the PPA system was introduced we've seen a lot of projects push into reproducible builds, which somewhat negates that concern, but there are still a lot of us who would rather not go through that process for every random binary we want to run. Having a third party that we inherently trust because they built the rest of the operating system building the random packages we want has an appeal. Also for the devs/packagers, free hosting by the OS vendor is nice too.
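The trust chain the comment above describes ("trace the binary we're running to source that someone could audit") is recorded in the archive's own metadata: the Packages index publishes the .deb's SHA256, and its Source field names the source package whose Sources stanza lists the .dsc and tarballs with their hashes. The following is an added example, not code from the thread or from Launchpad, that parses both indexes and walks that chain. The index stanzas, package names, hashes and the .deb bytes are all constructed for the example and do not come from any real PPA.

```python
"""Trace a binary package in an apt index back to its source package.

Added example. Parses the RFC822-style stanzas that apt Packages/Sources
indexes use, links a .deb to the source stanza it was built from, and checks
the .deb bytes against the SHA256 the archive published. All data below is
constructed for the example (no real PPA, hashes or archives).
"""
import hashlib
import re

# Constructed stand-in for a .deb (not a real ar archive) and its digest.
GOOD_DEB = b"!<arch>\nconstructed stand-in for hello_2.10-3ppa1_amd64.deb\n"
GOOD_DEB_SHA256 = hashlib.sha256(GOOD_DEB).hexdigest()
PLACEHOLDER_SHA256 = "0" * 64  # made-up digest for a package we never download

# Constructed Packages index: one binary with an implicit source (same name and
# version) and one binNMU whose Source field carries an explicit version.
PACKAGES = f"""Package: hello
Version: 2.10-3ppa1
Architecture: amd64
Filename: pool/main/h/hello/hello_2.10-3ppa1_amd64.deb
Size: {len(GOOD_DEB)}
SHA256: {GOOD_DEB_SHA256}

Package: libhello1
Source: hello (2.10-3ppa1)
Version: 2.10-3ppa1+b1
Architecture: amd64
Filename: pool/main/h/hello/libhello1_2.10-3ppa1+b1_amd64.deb
Size: 4242
SHA256: {PLACEHOLDER_SHA256}
"""

# Constructed Sources index: the files an auditor (or a rebuild) would fetch.
SOURCES = """Package: hello
Version: 2.10-3ppa1
Binary: hello, libhello1
Directory: pool/main/h/hello
Checksums-Sha256:
 1111111111111111111111111111111111111111111111111111111111111111 1979 hello_2.10-3ppa1.dsc
 2222222222222222222222222222222222222222222222222222222222222222 725946 hello_2.10.orig.tar.gz
 3333333333333333333333333333333333333333333333333333333333333333 6140 hello_2.10-3ppa1.debian.tar.xz
"""


def parse_stanzas(text):
    """Parse control-file stanzas into dicts; indented lines continue a field."""
    stanzas, cur, key = [], {}, None
    for line in text.splitlines():
        if not line.strip():
            if cur:
                stanzas.append(cur)
            cur, key = {}, None
            continue
        if line[0] in " \t" and key is not None:
            cur[key] = (cur[key] + "\n" + line.strip()).strip()
        else:
            key, _, value = line.partition(":")
            cur[key] = value.strip()
    if cur:
        stanzas.append(cur)
    return stanzas


_SOURCE_RE = re.compile(r"^(\S+)(?:\s+\(([^)]+)\))?$")


def source_of(binary):
    """Return (source name, source version) for a binary stanza.

    Debian policy: the Source field is omitted when source and binary share
    name and version, and may add '(version)' when the versions differ.
    """
    src = binary.get("Source")
    if not src:
        return binary["Package"], binary["Version"]
    m = _SOURCE_RE.match(src)
    if not m:
        raise ValueError(f"malformed Source field: {src!r}")
    return m.group(1), m.group(2) or binary["Version"]


def trace(packages_text, sources_text, package, deb_bytes):
    """Link `package` to its source stanza and verify deb_bytes against the index.

    Returns whether the .deb matches the published SHA256 (this is what the
    archive's signed index vouches for), which source package/version it came
    from, and the source files one would fetch to audit or rebuild it.
    """
    binaries = {b["Package"]: b for b in parse_stanzas(packages_text)}
    sources = parse_stanzas(sources_text)
    binary = binaries[package]
    name, version = source_of(binary)
    source = next((s for s in sources
                   if s["Package"] == name and s["Version"] == version), None)
    files = []
    if source is not None:
        for line in source["Checksums-Sha256"].splitlines():
            digest, size, fname = line.split()
            files.append((fname, int(size), digest))
    return {
        "binary_hash_ok": hashlib.sha256(deb_bytes).hexdigest() == binary["SHA256"],
        "source": (name, version),
        "source_found": source is not None,
        "source_files": files,
    }


if __name__ == "__main__":
    for name, data in (("hello", GOOD_DEB), ("hello", GOOD_DEB + b"tampered")):
        r = trace(PACKAGES, SOURCES, name, data)
        print(name, "hash ok:", r["binary_hash_ok"], "source:", r["source"],
              "files:", [f[0] for f in r["source_files"]])
```

Note what this does and does not establish: the hash check only proves the .deb is the one the archive published, and the Source link only tells you which uploaded source the build server claims to have used. That the build server actually produced the binary from that source is exactly the trust in Canonical the comment describes; closing that gap yourself means fetching the listed source files, rebuilding, and comparing, which is the reproducible-builds process the comment mentions.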



