Sure.
You are basically moving the trust from your ISP provider to the VPN provider.
I don't know in which country you live.. but i would rather trust my ISP than a random VPN provider.
The VPN provider can (theortically just as the ISP provider without a VPN) read and modify any non-encrypted (http) traffic.
Even if you visit sites via https, some content might still be delivered without TLS. This includes pictures / graphics for example (which can theoretically be modified to deliver malware).
The question is.. who do you trust more. Your ISP or your VPN provider ?
Additionally, if you install a software directly from the VPN provider, the possibility exists that it installs their certificate as a trusted system certificate.
This would give the VPN provider the option to 'break' the encryption of your TLS secured traffic, leaving them to be able to read and modify ALL of your traffic.
I can recommend you this 2-minute-read: https://gist.github.com/joepie91/5a9909939e6ce7d09e29
The question is.. WHY do you want to use a VPN?
Most probably there is a better way of accomplishing your goal. If you want to go more into detail here, i will gladly be assisting you here with theoretical concepts on how to achieve that goal.