One specific package (A) may rely on functionality from another package (B) which has also been updated but if you only sync package (A) your system is only partitally synced and this may create hard to solve issues.
This is a custom package installed from AUR. Omit the -a or exclude AUR build when running the update.
pamac update --no-aur
There is a much better option to install and maintain android stuido using JetBrains Toolbox App: Manage Your Tools with Ease
Sync from official repo downloads to and installs from the cache located in /var/cache/pacman/pkg.
When it is a custom package the installation follows the PKGBUILD script which has no knowledge of which files has been fetched or not.
As for the signature - there is no way the system can decide if the signature should be trusted or not.
Signature issues only occurs with AUR PKGBUILD or poorly maintained systems where the keyring is outdated.
That is normal when you sync both repo and aur in the same command - don’t sync them together - see above.