Just flipping the about:config bit alone doesn't help much though. Any malicious extension installed after changing the setting would still have to have some payload with similar malicious behavior.
Moreover, even if Firefox was compiled without support for that setting, malware could patch the Firefox binary (or download and install a malicious version) to disable the check and then it'd still be able to hide itself as a Firefox extension instead of a binary somewhere else on the system. Once there's malicious code running on the system, it's game over and a flag disabling installing more malware using one out of many possible methods is not going to help much.
However, not having the setting may help for users that get tricked into toggling it through some web page telling them to and then installing a malicious extension, but that's a different scenario than an already compromised system.
Same for OS-level malware, which can only do so much suspicious things before it's noticed by antivirus software or the user.