We can’t change the requirements for the nethserver-blacklist package because its dependencies should be available in a normal NethServer.
If you want to install the update-ipsets command, you need a different machine.
Our blacklist git server instance, has a custom implementation which uses also update-ipsetsbut is hosted on a plain CentOS 7.