To be evenhanded, encrypting SQLite at rest is a well-solved problem. Dr. Richard Hipp and his merry men even sell an official extension to do so. Plenty of third party FOSS solutions also exist for this.

I feel if that were the case I'd suddenly feel a lot more comfortable with the MS approach than the Apple approach.

Under what circumstances would someone have access to the database but not the key?

Well, presumably under the circumstances where you'd prefer that.

How?

Encryption isn’t the problem here, it’s key management.

And Microsoft’s solution was borderline useless

Apple's competitors lose the PR war if they don't post to social media!