It is not possible to use transferFrom unless the contract is able to approve someone to execute the transferFrom.
You can designate a "recovery" address where any tokens sent can be transferred to, and then define a function like:
function recover(IERC20 token) public {
SafeERC20.safeTransfer(token, recoveryAddress, token.balanceOf(address(this)));
}