Multiplayer security is kind of an arms race, you should only initially worry about the basics. So, as long as it's a secure network (https), client-side is unreadable (built-in with Construct 3's event-sheet system) and runtime is obfuscated (minified), you'll be fine.
Unless your game has a payout feature, you should only counter security vulnerabilities as cheats for your application are made. It's more practical that way.
If you are doing this professionally, you might want to use services like Photon Cloud for reliability and save you time. Or, you can host your own network manually too, but you have to look this up for yourself.