FYI, the iOS sandboxing model is the innovation behind the security of iOS. It is separate from the notion of having an app store. Apps would be just as restricted from accessing your data and modifying the OS as they are through their own store.

So this argument is wrong but will be peddled by Apple for sure. PC operating systems had viruses because of the non-restrictive, unsandboxed access their APIs gave to every app.



1. Sandboxing might help prevent certain types of attacks but the App Store review process goes above and beyond simple API restrictions and imposes rules on how you're allowed to use those APIs to prevent abuse of privacy. For example: just because I grant an app access to my contacts/photos for a legitimate purpose doesn't mean I want that company to exfiltrate that data and sell it to a third party. Sandboxing won't help you there.

2. Sandboxing is no panacea as we've seen from multiple Android malware attacks that abuse system vulnerabilities to break out of the sandbox. You're also underestimating the amount of damage that can be done even within the sandbox:

- The CryCryptor ransomware abuses file access APIs to encrypt photos and videos on external storage and hold them hostage. (https://threatpost.com/emerging-ransomware-photos-videos-and...)

- The DEFENSOR ID banking trojan abuses accessibility APIs to steal login credentials, text messages, and 2FA codes. (https://www.welivesecurity.com/2020/05/22/insidious-android-...)


Objective-C-based dynamic dispatch allows you to call private, internal APIs from your code, effectively bypassing the iOS sandbox.

App Store review process specifically checks for this.


It is one of the innovations behind the security. A big piece of the security posture is the App Store review process which specifically checks to make sure apps are following the sandbox model. That wouldn't exist outside of that and apps could definitely bypass the sandbox.


Part of the Apple sandboxing model is to run a check on binaries to make sure internal APIs are not being abused, or other shenanigans. I would not trust the Apple sandbox at all, especially with the privacy in place which prevents any sort of auditing of what people are doing to their devices.
