I'm guessing that you could always install vanilla WP from wordpress.org, and customize it with security plug-ins etc. that you feel are the best. I assume that LP isn't going to scan your site and take you down if you don't have their customized version. So long as it gets the job done, security-wise, I would think it OK.
As for using a now-obsolete version of reCAPTCHA, thank you for bringing it to LP's attention. Hopefully someone in LP support will read your post and act on it (I'm not on that side of the fence). Please let us know if you hear anything back. Perhaps you could list your recommended plug-ins and LP/Softaculous might implement them instead of the current reCAPTCHA.