How does Qubes encrypt data?

“Is the FDE encryption process isolated to a trusted VM? Is it a part of the trusted computing base (TCB)?”

dom0 does the FDE; it’s just standard FDE via LUKS for your entire system / all of your VMs at once. So yes, it’s part of the TCB.

“Can malware bypass FDE, then write unencrypted data to disk? I want to stop it.”

No, not from within a VM at least, as dom0 handles the FDE.

If you really need per-VM encryption, there’ll be an option in Qubes 4.1 for very advanced users.

If you need some data encrypted inside a VM and want encryption handled by a different VM, then there’s qcrypt.

For most users however the aforementioned FDE should suffice.

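A practical way to confirm the point made in the reply above (that VM storage sits beneath dom0's LUKS layer) is to look at the block-device stack in dom0 and walk from the VM storage pool up to the physical disk, checking that a dm-crypt device is somewhere in that chain. The script below is an added example, not code from the Qubes project or from the poster; it parses `lsblk -P -o NAME,TYPE,PKNAME` output and the embedded listing is a constructed sample (the `luks-<uuid>`, `qubes_dom0-vm--pool` and `sdb1` names are assumptions for illustration). A second disk such as `sdb1` with no `crypt` ancestor is exactly the case where VM data handed to that device would land on disk in plaintext.

```shell
#!/bin/sh
# Walk the parent chain of a block device (from `lsblk -P -o NAME,TYPE,PKNAME`)
# and report whether a dm-crypt (LUKS) layer sits beneath it.

# Constructed sample listing in lsblk -P format; names are assumptions,
# modelled on a default Qubes dom0 layout plus an unencrypted second disk.
SAMPLE_LSBLK='NAME="sda" TYPE="disk" PKNAME=""
NAME="sda1" TYPE="part" PKNAME="sda"
NAME="sda2" TYPE="part" PKNAME="sda"
NAME="luks-1111aaaa-2222-bbbb-3333-cccc4444dddd" TYPE="crypt" PKNAME="sda2"
NAME="qubes_dom0-swap" TYPE="lvm" PKNAME="luks-1111aaaa-2222-bbbb-3333-cccc4444dddd"
NAME="qubes_dom0-root" TYPE="lvm" PKNAME="luks-1111aaaa-2222-bbbb-3333-cccc4444dddd"
NAME="qubes_dom0-vm--pool" TYPE="lvm" PKNAME="luks-1111aaaa-2222-bbbb-3333-cccc4444dddd"
NAME="sdb" TYPE="disk" PKNAME=""
NAME="sdb1" TYPE="part" PKNAME="sdb"'

# lsblk_field LISTING NAME FIELD
# Print the value of FIELD (e.g. TYPE or PKNAME) for the device NAME.
# Only the first matching line is used, since lsblk can repeat a name.
lsblk_field() {
    printf '%s\n' "$1" \
        | grep "^NAME=\"$2\" " \
        | head -n 1 \
        | sed -n "s/.*$3=\"\([^\"]*\)\".*/\1/p"
}

# backed_by_crypt LISTING NAME
# Exit 0 if NAME or any of its ancestors has TYPE="crypt", 1 otherwise
# (including when NAME is not present in the listing at all).
backed_by_crypt() {
    listing=$1
    dev=$2
    depth=0
    # depth cap guards against a malformed listing with a PKNAME cycle
    while [ -n "$dev" ] && [ "$depth" -lt 32 ]; do
        type=$(lsblk_field "$listing" "$dev" TYPE)
        [ -z "$type" ] && return 1
        [ "$type" = "crypt" ] && return 0
        dev=$(lsblk_field "$listing" "$dev" PKNAME)
        depth=$((depth + 1))
    done
    return 1
}

# Demo over the constructed sample. On a real dom0 you would instead pass
#   "$(lsblk -P -o NAME,TYPE,PKNAME)"   as the listing argument.
for d in qubes_dom0-vm--pool sdb1; do
    if backed_by_crypt "$SAMPLE_LSBLK" "$d"; then
        echo "$d: sits on a dm-crypt (LUKS) layer"
    else
        echo "$d: no dm-crypt layer beneath it; data written here is plaintext"
    fi
done
```

Run this in dom0 with the live `lsblk` output substituted for the sample, passing the name of the LVM thin pool that holds your qubes' volumes; every pool you expect to be covered by FDE should report a `crypt` ancestor.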