No, the goal is to move to a system that doesn't rely on badness enumeration (antivirus) as a primary defense. You can rely on the app sandbox and the security model of the system to keep it in check.
Antivirus scanners are essentially useless on modern mobile OSes because they are limited to accessing the same things a malicious app or file would be.
Root does not leave the Android permission model in a usable state at all, it completely undermines it.
You are moving from a small handful of processes that get root access and are heavily constrained by selinux policies and are nowhere near userspace to putting root access behind a weak UI prompt. That is the ability to modify the system at runtime. If the system can be modified and the bar to that modification is trivially bypass-able, privilege escalation becomes monumentally easier for an attacker. Because the system can be modified *it cannot be trusted*.
That is something to do with Google Fi, not GrapheneOS. You can work around it by having the Google Fi app installed in the secondary profile and signed into the Google account associated with your service. Although I don't see much point in that. Anyway, it's not an issue caused by GrapheneOS, just Google Fi expecting to be present to grant service access.
This a video where he openly bullies someone, live streams their private messages where they're getting upset with him bullying them and repeatedly, blatantly lies about them including falsely claiming they're insane, etc.
Rossman lied about stopping using GrapheneOS and has continued using it after that point.
The video was made to direct harassment towards the project and founder after the project refused to work with Rossman.
He has done similar things to others, labeling them as insane and delusional.