I'm not an expert but I've always thought things like consumer VPNs, password management software and anti-virus software as increasing your risk, not decreasing it.
The central point is they aggregate your information into the hands of one agent, and agent you don't know - making it easier for them, or those that attack them to get at your data.
This is a question - I'd welcome comments.