Does anyone know if there are any significant security risks involved in using NetFlow on an enterprise?
Presumably you are referring to the exported data.
You might consider encapsulating the exported data in IPSec if you are worried about the data being used for reconnaissance, and have reason to think it may be sniffed in transit.
We've used IPSec to protect in-band configuration management (e.g.: TFTP transfer of config files) occasionally.
Not really, if you enable it on the right devices using best practices there should not be any issues. Make sure you run the latest IOS version to avoid any bugs.
Make sure the collection device is also secured and so is the transit path between the Net-flow enabled device and the collector.