If they were actually vetting the code, they could tell that an application contained a suspicious "download and execute".

In actual fact the Play Store is full of perfectly "vetted" malware, as it stands. What this actually does is prevent the user from coding on the device.