I think that's a fair point, I agonized over it for quite a while - the cc2531 was the USB device/ and stack I was building with at the time.
This is the main reason why by default the device disables the RF source, you have to go out of your way to enable it by editing an /etc .conf file - however it actually does make a slightly better random stream
Is it possible for this device to transmit over radio, or only receive? I certainly prefer only being able to receive, as transmitting seems like an attack vector.
With the assumption that it only receives, I would strongly prefer that it be left on by default. Adding a second source to the CRC mixing can only improve entropy, even if the source is controlled by an attacker. Since the noise from the zener has no simple proof of it's entropy output rate, and it can vary over time, and because zener noise TRNGs have been known to be power-supply noise sensitive (not that your's is), having that second source gives me much more confidence in the device.
It could transmit, there is no transmit code in the firmware, in fact there's no real receive code, we turn on the receiver and sample the LSB of RF noise in the sampling DACs but don't enable any demodulation or framing.
Turning both RNGs on only gets you a about half a bit/byte of extra entropy - but it is a great belt and braces sort of thing, makes it much harder to attack, especially since the sampling clock inside the device for both sources is not visible eternally
Remember we don't use the output data directly, we mix it into the kernel's entropy pool (where it's whitened)
This is the main reason why by default the device disables the RF source, you have to go out of your way to enable it by editing an /etc .conf file - however it actually does make a slightly better random stream