You need to understand what a certificate is certifying.
A Let's Encrypt certificate only certifies that you are speaking to a server that has been authorized by whoever controls the domain name.
If whoever controls the domain name is a criminal, then Let's Encrypt certifies you are actually speaking to the right criminal and nobody else.
There is no other check.
This is among the reasons browser don't show a lock anymore: https isn't safe, it's just encrypted.