I would venture a guess that the division of MS that issues C&D letters is probably 5 steps away from leadership at Github that could implement something like suspending your github account and removing access to repositories. THe ol' one hand doesn't talk to the other type of thing.
That being said, if you are doing something that is attracting the attention of a legal department of a Fortune 15 company, my guess is your customers would flee to competitors if they knew that.
Host your code elsewhere (gitlab?) and retain legal counsel that can help you navigate this. Asking internet strangers for advice isn't likely to be beneficial.
In general, no, MS and Github exist to sell services. They are not a danger to people who use their services. But it sounds like you are doing something that they consider to be sketchy, so for your specific scenario we cannot answer your question unless you tell us exactly what you are doing.
Corporate takeovers always come with uncertainty, and Microsoft has shown it is not shy about enforcing its interests. Treat GitHub as a public distribution channel rather than your primary repository. Use self-hosted Git instances or platforms like GitLab for your core work. Automate your deployments to push code to multiple places so that no single platform has full control over your code.
Under Microsoft's leadership the various cease & desist orders and shutdowns went certainly worse than under the developers friendly Nat Friedman.
Now they hit hard first, similar to Google or other non-developer friendly services.
I think the more important question is "Does Microsoft pose a risk to me as a GitHub user?" and to that, I'd answer yes.
GitLab is another option. You could use GitHub as a primary and have GitLab prepped as a fallback, and mention it on your GitHub project.
Are you able to discuss what this product is?
Why do you need Github at all?
is it worse than https://github.com/massgravel/Microsoft-Activation-Scripts ?
You might be, but not about this.
I don't think they gonna go the C&D route. It's much smarter to have some random "anonymous" person file a DMCA complaint, which has the same effect with zero legal exposure or risk.
But yeah, never have the lifeblood of your company's assets on GitHub. From an international perspective they're basically legally untouchable unless you have billions in cash laying around to go up the courts unless SCOTUS eventually decides in favor of them anyways.
You have had cease and desists notices in the past in regards to the product. It is hardly a deep conspiracy to think they will send the same notices to other platforms; irrespective of if they own them or not.
The real "danger" when it comes to GitHub is their success and the mainstream nature of the product - they are very unlikely to tollerate any questionable content.
As has to be pointed out far too often, when it comes to court orders - CEOs (especially those who are billionaires) will NOT select the option of "go to jail" over complying with court orders.