What reputable site should I download PuTTY from?

The official site is www.chiark.greenend.org.uk/~sgtatham/putty; you can find the download in the download section. If you want to play it safe, you can verify the signature of the download.

In my opinion compiling it from source is as safe as downloading the binary and checking the signature (make sure to also verify the key itself with at least one trusted signer). Unless you review the source code (including all needed libraries) there is no point in spending the added effort of compiling it yourself since both parts, the source code and the binaries, are signed with the same key.

The only advantage you gain by compiling it yourself is the opportunity to review the code so as to mitigate the risk that the authors of PuTTY could have added some backdoors or malware to it. But again, you would have to thoroughly review the code and all needed libraries to actually gain that benefit.
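The two checks described above (the signature on the download, and the key itself) can be told apart in GnuPG's machine-readable status output. This is an added example, not part of the original answer: the function names, the placeholder fingerprint and the sample status lines are constructed for illustration.

```python
import subprocess

REJECT = {"BADSIG", "ERRSIG", "EXPSIG", "EXPKEYSIG", "REVKEYSIG"}
KEY_VALIDATED = {"TRUST_FULLY", "TRUST_ULTIMATE"}

def judge_status(status_text, pinned_fpr=None):
    """Decide from `gpg --status-fd` output whether to accept a signature.
    Returns (ok, reason)."""
    keywords, primary_fpr = set(), None
    for line in status_text.splitlines():
        if not line.startswith("[GNUPG:] "):
            continue
        fields = line.split()[1:]
        if not fields:
            continue
        keywords.add(fields[0])
        if fields[0] == "VALIDSIG" and len(fields) > 1:
            # Field 1 is the signing (sub)key; field 10, when present,
            # is the primary key fingerprint, which is the one to pin.
            primary_fpr = fields[10] if len(fields) >= 11 else fields[1]
    hit = keywords & REJECT
    if hit:
        return False, "rejected: " + ", ".join(sorted(hit))
    if primary_fpr is None:
        return False, "no valid signature"
    if pinned_fpr is not None:
        if primary_fpr.upper() == pinned_fpr.replace(" ", "").upper():
            return True, "signed by the pinned key"
        return False, "valid signature, but from a key that is not pinned"
    if keywords & KEY_VALIDATED:
        return True, "signed by a key validated through trusted signers"
    return False, "valid signature, but the key itself is unverified"

def verify_download(sig_path, file_path, pinned_fpr=None):
    """Run gpg on a detached signature and judge its status lines."""
    proc = subprocess.run(
        ["gpg", "--batch", "--status-fd", "1", "--verify", sig_path, file_path],
        capture_output=True, text=True)
    return judge_status(proc.stdout, pinned_fpr)

# Constructed placeholder fingerprint and status output (not a real key).
PINNED = "A" * 40
SAMPLE_STATUS = "\n".join([
    "[GNUPG:] NEWSIG",
    "[GNUPG:] GOODSIG AAAAAAAAAAAAAAAA Constructed Release Key",
    f"[GNUPG:] VALIDSIG {PINNED} 2017-05-01 1493596800 0 4 0 1 8 00 {PINNED}",
    "[GNUPG:] TRUST_UNDEFINED 0 pgp",
])
```

With no pinned fingerprint, the sample is refused even though the signature is cryptographically good, because nothing vouches for the key; pinning a fingerprint obtained through a separate channel, or a `TRUST_FULLY` status from the web of trust, is what turns it into an accept.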


As of May 2017 (!), the official PuTTY website is available over HTTPS.

https://www.chiark.greenend.org.uk/~sgtatham/putty/latest.html

Combined with the HTTPS download links added a little while earlier, this finally provides the first practical way to download a verified copy of PuTTY.

Welcome to the future.


It's nearly impossible to verify that you get a clean copy of PuTTY, as described in this neat article (not written by me):

https://noncombatant.org/2014/03/03/downloading-software-safely-is-nearly-impossible/

The TL;DR of the article is: PuTTY binaries, signatures and download sites cannot be trusted because they do not even use SSL/HTTPS. It would be very easy for a man-in-the-middle attack to modify the signatures and the binaries, and give you an evil version of putty.exe and a signature/checksum that corresponds to the intercepted executable.