I've just performed a scan on your APK as you've opened an inclusion request with F-Droid. Looks there's a little show-stopper here. This is what the scanner results look like:
Libraries detected:
-------------------
* Android PackageManager (/android/content/pm): Utility, Apache-2.0
* Android Support v4 (/android/support/v4): Development Framework, Apache-2.0
* AndroidX Activity (/androidx/activity): Utility, Apache-2.0
* Android Jetpack Annotations (/androidx/annotation): Utility, Apache-2.0
* Browser (/androidx/browser): Utility, Apache-2.0
* Androidx Core (/androidx/core): Utility, Apache-2.0
* AndroidX Fragment (/androidx/fragment): UI Component, Apache-2.0
* Lifecycle (/androidx/lifecycle): Utility, Apache-2.0
* Loader (/androidx/loader): Utility, Apache-2.0
* Android Activity Saved State (/androidx/savedstate): Utility, Apache-2.0
* AndroidX Security (/androidx/security): Utility, Apache-2.0
* Android Jetpack VersionedParcelable (/androidx/versionedparcelable): Utility, Apache-2.0
* Jetpack WindowManager Library (/androidx/window): Utility, Apache-2.0
* Flutter Geolocator Plugin (/com/baseflow/geolocator): Utility, MIT
* Google Mobile Services (/com/google/android/gms): Development Framework, Proprietary; NonFreeComp
* Tink (/com/google/crypto/tink): Utility, Apache-2.0
* Flutter (/io/flutter): Development Framework, BSD-3-Clause
* url_launcher (/io/flutter/plugins/urllauncher): Utility, BSD-3-Clause
* Kotlin (/kotlin): Utility, Apache-2.0
* kotlinx.coroutines (/kotlinx/coroutines): Utility, Apache-2.0
Offending libs:
---------------
* Google Mobile Services (/com/google/android/gms): NonFreeComp
1 offenders.
Dangerous flags:
----------------
* usesCleartextTraffic
Permissions:
------------
* android.permission.INTERNET
* android.permission.ACCESS_NETWORK_STATE
* android.permission.ACCESS_FINE_LOCATION
* android.permission.ACCESS_COARSE_LOCATION
* com.theripper.cb_app.DYNAMIC_RECEIVER_NOT_EXPORTED_PERMISSION
SigningBlock blobs:
-------------------
0x504b4453 (DEPENDENCY_INFO_BLOCK; GOOGLE)
See the GMS (Google Mobile Services)? Those are a show-stopper for F-Droid. The most likely culprit having dragged that in: Flutter Geolocator Plugin. Some pointers for help can be found in the corresponding section of my snippet under Flutter and Geolocation.
For some background: that BLOB is supposed to be just a binary representation of your app's dependency tree. But as it's encrypted with a public key belonging to Google, only Google can read it โ and nobody else can even verify what it really contains.