OpenZeppelin frequently updates their ERC20 implementation. However, it is not the best security practice to always use the most recent version because there could be vulnerabilities which are introduced and not realized until a few weeks or months after the public release.
For this reason, I would prefer to use an old ERC20 implementation, perhaps years old, that is "good enough" given all information currently known. Does OpenZeppelin keep track of any such established version?
I also have the same basic question for every contract in the OpenZeppelin family.