The brilliance of the implementation of cooldowns: For someone to go download and run it, automated or otherwise, they simply follow the standard installation process.

Users who want take the extra precaution of waiting an additional period of time must decide to manually configure this with their tooling.

This practice has been a thing in the sysadmin community for years and years - most sysadmins know that you never install Windows updates on the day they release.

Having a step before publication means that's it's essentially opt-in pre-release software, and that comes with baggage - I have zero doubts that many entities who download packages to scan for malware explicitly exclude pre-release software, or don't discover it at all until it's released through normal channels.