The server, however, only receives the player's location coordinates.
No.
The server receives the key presses from from the client, makes sure they're valid, then authorizes the client to move.
The client has no say in where it can go. It should act as a dumb terminal.
Then you can add client side prediction and make your game look smooth.
Without some sort of data encoding in the client, [...]
This is still a nice to have, though. Preventing players from sniffing the traffic would help avoid most hackers and trivial cheaters to create bots and the like.
is there a way to encode this location message to the server before it exits the client binary
You also have to obfuscate the client per se. Programs such as Cheat Engine can sniff the information directly in the client's memory, the data does not have to "exit the client" before it can be read.
it would be extremely difficult
That's unfortunately as far as you can get, you can't make it impossible. If there is enough money to be made by cheating in your game, some entities will try hard to reverse engineer everything and allow some players to take an unfair advantage.