HighWind

The software that decide to activate the trim motors based on AoA might be trivial when analyzed alone.
But a large part of the software is about being able to detect faults, in communication interfaces, power supplies, lock stepping, voting between sensors, and many other things.
The system also have to select between: MCAS, Speed/MACH Trim, Two set of trim switches, Two set of yoke cutout switches, end stops, different speeds with flaps up/down etc.

No…
If you need a system where a runaway are “extremely improbable” then you need to look at failure modes at each component.
You need to look at each contact set and analyze what happens when it fails open or short.
You also need to look at wires running parallel to each other, where a double insulation fault could supply 28V to a wire after the two cut-out switches.
If you have redundancy, e.g. two relays in series, then you need diagnostic coverage to ensure the first fault is detected before the second fault occur.
If you have an analogue RC timer (like a 555) then you need to detect a capacitor changing value (E.g. electrolyte dryout). In my field of engineering the reliability have increased when mechanical safety relays, was replaced with SIL3 software.

Designing safety related software, with full certification evidence is hard work.
The root-course of this ordeal is that the computers was designed to a lower reliability specification, on the condition a full trim runaway was manageable by the pilots. I.e. a runaway once in a while was not not an issue.
The reliability have to be increased many orders of magnitude when the responsibility for preventing a runaway is moved from the pilots, to the flight control system.