Actually as the author of fwupd writes in his blog, the security indication is about whether the hardware verifies the signature of the firmware. So, I guess, you have just selected the wrong checkbox or so, as (I hope) the Nitrokey does it, does not it?
The update tool can even detect corruptions of your firmware, so it is really the way to go!