The information in the official guide is (in my opinion) incomplete and outdated. If you’re not going to use alternative method (@RogerDodger’s second link), then your next best alternative is the new password-protected encrypted JSON export available in the Web Vault and CLI only (not the legacy “account-restricted” encrypted export available in the Desktop app and the browser extension).
If you create an unencrypted export (even if you are subsequently re-encrypting it with a 3rd-party tool like 7zip or VeraCrypt), sensitive data will be left on your drive even after you delete the original unencrypted file, and can be recovered by an attacker who has access to your device (e.g., if your device is ever lost, sold, discarded, stolen, or confiscated). If your device is an SSD drive, then it is practically impossible to expunge all traces of the deleted file (without physically destroying the drive). If you want to export unencrypted data, special precautions must be taken to avoid this security vulnerability.