It's a good thing to have control, but in this case, it works both ways. Whichever the automatic chmod is, it can be changed to more or less restrictive manually.
Is it possible to make the automatic chmod either conditional, or use a trial and error mechanism to finding out what works? The trial and error testing wouldn't need to be done with the .htaccess file. It could use a file that has no explanations to the functionality of the website to repeatedly chmod and try to access it to find the strictest settings that would be safe for chmodding the file itself. This could be used to secure all files, not just .htaccess one.
If this would work, it would make BulletProof Security closer to being the definitive WordPress security measure. And if making the default settings more secure without breaking anything is possible, there's no reason not to. Everything the plugin does, could be done manually, but the reason to use the plugin is to not have to. Like you said, there's always the liberty of adjusting things after the default settings have taken place, if someone wants to make the website less secure for some purpose.
If you need help with beta testing I'll be glad to give a hand.