I would explain it in a way that electron has API and access to stuff that a browser should not/does not/never will have.
Browser should be much more sand boxed and never have access to the file system with privileges of a user running browser.
Yes, someone can install malicious electron app but that is totally different than randomly stumbling upon malicious website while browsing/clicking around.
