In order to have the confidence in your binary, users will need to use trusted tools to confine it. Any sandboxing tool you bundle with your binary should be considered as (un)trusted as the binary itself.
You could provide a human readable setup script that creates an appropirate chroot
or AppArmor configuration. That way, your users will be able to audit the script themsleves and see that your binary is sandboxed properly.