There is a common standard on Linux for accessing password storage and the like. But this does not align with Windows.Security.Credentials.

Yes there is work that will see other options that provide the common standard that are not desktop linked.

Wine implements lots of different features that are not present in normal Linux for Windows application compatibility. Some cases wine does not implement the feature because there is way to say to application feature is missing and applications work around it being missing

Wine policy is compatibility. Please note wine compatibility policy trumps security as well. So yes wine rules it would be valid to implement insecure version of Windows Security Credentials if it made applications work.

Also adding special code path to application as solution does not agree with Wine policy that applications should work. Yes this applicaiton is open source what are you going to-do when a closed source application turns up needing the same thing that some user want to run. So custom patching the application just kicked the problem down the road and at time point it will have to be fixed in wine anyhow because there will be some application not working because it missing.

Closed source apps are usualy commercial, thus you vote with your wallet. And there's still the workaround in wrappers, e.g. like we play pre-DX9 games on Windows 10.

People who pay for crossover support that end up funding wine servers and core developer are normally not paying for games but commercial business applications.

I ask the question that the developers of Wine will have land on them sooner or latter. Is it simple to work out these API issues with open source application yes it is because you can see both sides. Yes people are already voting with their wallet.