Disallowing path manipulation attempt

The route function is meant to be used at the point where you are constructing the URL from its parts, incorporating the user input into it. For example:

import api, { route } from '@forge/api';  // route is the tagged template exported by @forge/api

// route receives the literal path pieces and the interpolated issueKey separately
const url = route`/rest/api/3/issue/${issueKey}`;
await api.asUser().requestJira(url);

Instead of:

const url_bad = `/rest/api/3/issue/${issueKey}`;  // bad: user input is already merged into the path
await api.asUser().requestJira(route`${url_bad}`);  // route now sees one opaque value, not its parts

When route is called, it can check for possible path manipulation attempts (e.g. issueKey coming from the user as ../../../evil_api_call) and escape or block them properly.

If the URL is constructed separately, route has no way of knowing which parts might have been manipulated by the user, so it might throw this error as a false positive.

I suggest rewriting your getDataFromJira function to accept the result of calling route, and moving the route call to wherever the URLs are being constructed.

5 Likes
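To make the distinction above concrete, here is an added, simplified model of how a tagged template like route can validate each interpolated value; it is illustrative code written for this thread, not @forge/api's actual implementation, and the SAFE_SEGMENT rule and the error message are assumptions.

```javascript
// Illustrative model of a validating tagged template (NOT the real @forge/api route).
// A tagged template receives the literal pieces and the interpolated values separately,
// so it can vet exactly the parts that came from user input.
const SAFE_SEGMENT = /^[A-Za-z0-9_-]+$/; // assumed rule: one path segment, no "/" or ".."

function route(strings, ...values) {
  let out = "";
  strings.forEach((literal, i) => {
    out += literal; // literal text written by the developer is trusted as-is
    if (i < values.length) {
      const value = String(values[i]);
      // Every interpolated value is treated as untrusted and must be a single segment.
      if (!SAFE_SEGMENT.test(value)) {
        throw new Error(`path manipulation attempt: ${JSON.stringify(value)}`);
      }
      out += encodeURIComponent(value);
    }
  });
  return { path: out };
}

// Returns "ok:<path>" or "blocked:<message>" so the two patterns can be compared.
function tryRoute(build) {
  try {
    return "ok:" + build().path;
  } catch (e) {
    return "blocked:" + e.message;
  }
}

// Recommended pattern: route sees the fixed prefix and the user-supplied key separately.
function goodUrl(issueKey) {
  return tryRoute(() => route`/rest/api/3/issue/${issueKey}`);
}

// Anti-pattern from the post: the whole path arrives as one interpolated value,
// so a benign key is indistinguishable from a manipulated path (false positive).
function badUrl(issueKey) {
  const url_bad = `/rest/api/3/issue/${issueKey}`;
  return tryRoute(() => route`${url_bad}`);
}

console.log(goodUrl("ABC-123"));                // ok:/rest/api/3/issue/ABC-123
console.log(goodUrl("../../../evil_api_call")); // blocked:path manipulation attempt: "../../../evil_api_call"
console.log(badUrl("ABC-123"));                 // blocked:path manipulation attempt: "/rest/api/3/issue/ABC-123"
```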