I think you’re referring to the Telecommunications and Other Legislation Amendment (Assistance and Access) Act 2018, also described in this Verge article.

My understanding is that this doesn’t actually require a backdoor be pre-built. It does require that, upon notice, a company or individual provide access to encrypted data (eg, via a backdoor) or assist in obtaining that access in some way, up to introducing a backdoor into their own software or compromising it. There is however a “systemic weakness” limitation, such that no one should be required to introduce a somewhat vaguely defined “systemic weakness” in their software in order to comply with demands. There’s also no requirement that a backdoor be added before requests.

I expect that this means Signal would just stop offering software in Australia if they received a request, or make an argument about systemic weakness, though what Australia would likely ask for would be targeted replacement of the app with a signed but malicious version, to avoid that argument. There is also a question of enforceability against foreign companies: Australia is not the US, with the ability to extradite people who have no real connection to them, so Signal could quite possibly just ignore the Australian law.

If I recall correctly, the law also applies to individuals, and could compel them to maliciously act against other organizations; I remember there being the argument that the law meant that security-minded companies and projects should not allow Australians to contribute to their software at all.