I don't know that website but with downloading anything from any web site your safety will depend on (a) what you download and (b) your installed antivirus scanner.
There is nothing executable in .cdp files. It could, theoretically, be possible for a malicious creator to add something "nasty" to a .cdp file that is then hosted on a 3rd party web site but it would be rejected by the DLS upload process.
Installing a .cdp in Content Manager does not run anything in the file. So if you are concerned about .cdps from 3rd party sites then, after downloading, use CM to open the asset in Explorer and run the folder through a virus checker.
