
This suggests that to restrict a user to a specific command with sudo a line like

%web ALL=(ALL) /usr/bin/service apache2 *

can be used. This particular line would restrict the user to running the mentioned program /usr/bin/service with the arguments apache2 *.

service apache2 status

works, but just

service apache2

does not

I am wondering how dangerous this is. * can be many things of course. (I am not talking about exploiting the program with false input, this is obviously an issue.)

I assume that it is fine because sudo is not running a shell so nothing else can be done with that star. But making that kind of assumption makes me a little bit uneasy.

Any dangers that I should be aware of?

Elias

1 Answer


Different applications have a different understanding of what the asterisk means. Shells tend to treat it for parameter expansion, which can be quite complex in implementation and often results in security issues when used in scripts. Sudo, on the other hand, treats it simply as a catch-all wildcard for any further parameters in that single command. In other words, it allows the service command to run with any arguments that match the following regex:

^ apache2 .*

Adding it to your sudoers(5) will guarantee that you will be able to run any argument to the apache2 init script as root. Whether or not this is safe depends on how the service operates. There is nothing intrinsically dangerous about using an asterisk, but some commands will allow you to execute other commands as arguments. For example, permitting tar(1) with any argument could result in arbitrary command execution in the form of tar --use-compression-program=./evil.sh. I am not aware of any way to execute arbitrary commands, but that does not mean there are not any, or that there will not be any in the future.

It is generally assumed that a person who is able to execute a command that manages services is already in a privileged position, so there will be little attention put into ensuring that the apache2 init service or the service-managing commands cannot be abused when run as root.

If you consider this "exploiting the program with false input" and thus out of scope, it is safe. The sudoers entry will not allow you to, for example, run service apache2; ./evil.sh as root.

forest
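The two cases the answer contrasts, `service apache2 status` and `service apache2; ./evil.sh`, can be checked mechanically. The script below is an added example, not part of the question, the answer, or sudo itself: it emulates the one relevant piece of sudo's matching (sudo joins the caller's arguments with spaces and compares that single string against the sudoers argument pattern with fnmatch(3), so `*` is a shell-style glob, not a regex) and pairs it with a shlex-based split of the command line at `;`, which is what the shell does before sudo ever runs. The sudoers line, the command lines and the `./evil.sh` name are constructed for illustration; `sudo_args_match`, `shell_commands` and `what_runs_as_root` are this example's own helpers. The fourth sample line demonstrates the caveat from sudoers(5) that wildcards in command line arguments "will match across word boundaries": a quoted `'status; ./evil.sh'` is one argument, the glob accepts it, and what happens next is up to `service` and the init script, which is exactly the "false input" case the question sets aside.

```python
import fnmatch
import shlex

# Constructed from the sudoers line in the question:
#   %web ALL=(ALL) /usr/bin/service apache2 *
SUDOERS_COMMAND = "/usr/bin/service"
SUDOERS_ARGS = "apache2 *"


def sudo_args_match(argv, command=SUDOERS_COMMAND, args_glob=SUDOERS_ARGS):
    """Approximate sudo's argument matching for one sudoers entry.

    sudo joins the caller's arguments (everything after the command) with
    single spaces and tests that one string against the sudoers argument
    pattern with fnmatch(3): '*' is a glob, not a regex, and matches spaces.
    This is an illustrative stand-in for that logic, not sudo's own code, and
    it ignores details such as the "" form that means "no arguments allowed".
    argv is the command as sudo receives it: [command, arg1, arg2, ...].
    """
    if not argv or argv[0] != command:
        return False
    if args_glob is None:            # entry lists no arguments: any are allowed
        return True
    user_args = " ".join(argv[1:])
    return fnmatch.fnmatchcase(user_args, args_glob)


def shell_commands(line):
    """Split a command line at ';' the way a POSIX shell does before running
    anything, returning one argv list per simple command.  Quoted text stays
    one word, which is what makes 'status; ./evil.sh' a single argument.
    (shlex punctuation_chars together with whitespace_split needs Python 3.8+.)
    """
    lexer = shlex.shlex(line, posix=True, punctuation_chars=";")
    lexer.whitespace_split = True
    commands, current = [], []
    for tok in lexer:
        if tok == ";":
            if current:
                commands.append(current)
            current = []
        else:
            current.append(tok)
    if current:
        commands.append(current)
    return commands


def what_runs_as_root(line):
    """For each simple command on the line, report (argv, runs_as_root):
    True only if the command is handed to sudo and this entry permits it."""
    report = []
    for argv in shell_commands(line):
        if argv[0] == "sudo":
            report.append((argv, sudo_args_match(argv[1:])))
        else:
            report.append((argv, False))   # never reaches sudo; runs as the caller
    return report


if __name__ == "__main__":
    # Constructed command lines, not taken from a real system.
    for line in (
        "sudo /usr/bin/service apache2 status",
        "sudo /usr/bin/service apache2",
        "sudo /usr/bin/service apache2; ./evil.sh",
        "sudo /usr/bin/service apache2 'status; ./evil.sh'",
    ):
        print(line)
        for argv, as_root in what_runs_as_root(line):
            print("   ", argv, "-> runs as root" if as_root else "-> not run as root")
```

Running it shows the first line permitted and the second denied, as the question reports. On the third line the shell splits at `;` before sudo is involved, so `./evil.sh` simply runs as the calling user, which is the answer's point. On the fourth line the glob matches, so the decision of whether `status; ./evil.sh` is harmful moves from sudo to whatever `service` and the apache2 init script do with an unexpected argument; that is why sudoers(5) tells you to use wildcards in arguments with care.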