Should I disable built-in auto-update of packages installed by Chocolatey?
For example, I installed Chrome with Chocolatey. Do I need to turn off Chrome's auto-update, and use cup upgrade only?

Goggin answered 23/5, 2017 at 20:17 Comment(0)
19

tl;dr: No, you do not need to turn it off. You can if you desire using packaging avenues that offer it, but the recommendation is to use choco pin to suppress Chocolatey from managing the package upgrades. You can also use the auto sync feature of Chocolatey licensed editions to let it synchronize the tracking to the newer software versions.

Documentation Regarding Auto-Updating Applications

Source: https://chocolatey.org/docs/how-to-install-upgrade-package-without-scripts#application-is-self-updating-like-google-chrome

Application is self-updating (like Google Chrome)

Consider the following scenario:

  • You have installed Google Chrome from Chocolatey.org (package id is googlechrome)
  • Google Chrome self-updates
  • Choco version is out of sync with installed version

Recommendation: You should pin the package to suppress package upgrades. The self-updating scenario is keeping you on the latest version and you want to stay up to date with the latest version that may have security fixes in addition to other things.

You should run

choco pin add -n=googlechrome

For more information see Pin Command.

Disable Through Packaging Avenues

It's considered an anti-pattern (due to security reasons) to turn off the auto-update aspect of the software in the packaging by default. However, there are packages that exist to also turn off the auto-update as an additional opt-in for folks that prefer only to update through Chocolatey. The package visualstudiocode-disableautoupdate is a great example of this.

Automatic Sync in Licensed Editions

Licensed editions of Chocolatey automatically handle keeping the package in sync with the software updates with Package Synchronizer's automatic sync.

Moniz answered 24/5, 2017 at 16:53 Comment(0)
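
One way to apply the pinning recommendation from a machine setup script, so the application's own updater keeps delivering security fixes while Chocolatey leaves the package alone. This is an added example, not part of the answer above or of Chocolatey's documentation. The `$SelfUpdating` list and the `Get-UnpinnedPackage` function are hypothetical names, and the script assumes `choco pin list -r` prints one `id|version` line per pinned package.

```powershell
# Added example: pin self-updating packages idempotently after a scripted install.
# $SelfUpdating and Get-UnpinnedPackage are hypothetical names chosen for this example.
$SelfUpdating = @('googlechrome')

function Get-UnpinnedPackage {
    param(
        [string[]]$PinLines,    # lines from `choco pin list -r`, format "id|version"
        [string[]]$PackageIds   # package ids that should be pinned
    )
    # Keep only well-formed "id|version" lines and normalise the id for comparison.
    $pinned = @($PinLines |
        Where-Object { $_ -match '^[^|]+\|' } |
        ForEach-Object { ($_ -split '\|')[0].Trim().ToLowerInvariant() })
    $PackageIds | Where-Object { $pinned -notcontains $_.ToLowerInvariant() }
}

$hasChoco = [bool](Get-Command choco -ErrorAction SilentlyContinue)

if ($hasChoco) {
    $pinLines = @(choco pin list -r)
} else {
    # Constructed sample output so the parsing logic runs without Chocolatey installed.
    $pinLines = @('visualstudiocode|1.0.0')
}

foreach ($id in Get-UnpinnedPackage -PinLines $pinLines -PackageIds $SelfUpdating) {
    if ($hasChoco) {
        # Quoted so PowerShell expands $id before handing the argument to choco.
        choco pin add "-n=$id"
        if ($LASTEXITCODE -ne 0) {
            # A non-zero exit here usually means the package is not installed
            # or the shell is not elevated.
            Write-Warning "Pinning $id failed (exit code $LASTEXITCODE)"
        }
    } else {
        Write-Output "Would run: choco pin add -n=$id"
    }
}
```

Running it a second time makes no changes, because packages already reported by `choco pin list -r` are skipped.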
2

Before seeing ferventcoder's answer I have been following the install by a choco uninstall where I use the --skip-powershell and --skip-autouninstaller switches to prevent the actual uninstall from happening. This seems to make Chocolatey forget about the install so I still get the benefit of setting up a machine via a script but don't carry the mental overhead of seeing it in the outdated list going forward. I'm not sure if there are any negatives to this approach but happy to be re-educated and switch to pinning if there are any.

choco install GoogleChrome
choco uninstall GoogleChrome --skip-powershell --skip-autouninstaller

-y / --confirm switch intentionally omitted so copy pasters make their own decisions about trusting the sources.

Amok answered 30/10, 2017 at 6:28 Comment(1)
This would be fine as well. – Moniz
