How would they, though? The .torrent file would be provided by Microsoft, and the vast majority of the file’s size is made up of checksums of the various chunks for verification purposes.
AFAIK the only way to send fake data in a torrent would be to create data that has the same checksum (i.e. a hash collision). So you’d have to generate data that matches the chunk size exactly (maybe 10-20 MB or so would be reasonable for an MSFS patch) AND matches the original checksum exactly.
There is a proof-of-concept attack like this (BitErrant), but only when the attacker actually creates the torrent file, so the attacker would have to work for MS/Asobo.
In addition, MS could easy verify the checksums of the downloaded files separately (using another algorithm) making it practically impossible for a BitTorrent swarm member to forge data.