Every OS is likely to have vulnerabilities, and they will be zero day vulnerabilities until their existence is found and disclosed. While I prefer Linux for various reasons, provably better security is not one of them. In particular, I do not think it is reliably established that it is less subject to software vulnerabilities than Windows or MacOS; OpenBSD or FreeBSD may be more secure, but I do not think such a claim is provable.
Thunderbird, Enigmail, and GnuPG are equally available for Windows as Linux, and seem also to be available for MacOS, FreeBSD, and OpenBSD. They take a bit of effort to set up and use, but no more than most ordinary users - if motivated - are capable of, and not much more, if any, than ProtonMail. In my experience, it is difficult to convince most people that email encryption is worth any effort at all.
ProtonMail may provide easier to use public key management than GnuPG or PGP, but it seems to require users to trust them.
For nearly everyone, the security of either ProtonMail (or similar services) or Thunderbird with Enigmail and GnuPG will be entirely adequate, as they are not, in fact, targets of any SIGINT or law enforcement agency.
Anyone seriously concerned about intelligence and law enforcement agencies should use other methods than email, or should handle all email encryption or decryption on equipment built from rather old components; enclosed in a windowless, soundproofed, and electromagnetically shielded room and powered with a battery or generator within the room; and never connected to the internet. Encrypted messages should be transferred from and to that machine using media that cannot convey malware. CDs or degaussed and freshly formatted floppy disks probably are ok for outbound, but are a risk for inbound, for which, paper and typing may be the only safe way. For such cases, ProtonMail might be a good delivery vehicle for messages already encrypted using GnuPG, as it seems to provide metadata security that may exceed what is possible for Enigmail with GnuPG.