by wiktor-k 779 days ago
> Windows checks the code signing certificate of the exe, and if it isn't present and the binary not widely used shows you a big scary warning to discourage you from running it.

Actually, even if the file is correctly signed but is new, users will see the warning banners. (Unless using the more expensive EV Code Signing certs.)

> Of course open source projects rarely sign their exes because those certificates are expensive ($300+/year).

I'm not sure where the $300/year comes from, but one can get valid certs for less than 50 EUR a year (https://shop.certum.eu/open-source-code-signing-on-simplysig...). I got a physical key one for 65 EUR and it worked just fine.

If the open source project is widely recognizable, I'd suggest contacting https://signpath.org/ to get code signing for free (as in beer) via a simple GitHub Actions workflow.

1 comments

It's great to see that they are so cheap now for open source work. I must have remembered the price of EV certificates (which are handy for completely getting rid of the warning screen and for getting Windows Defender off your back).
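The thread above discusses whether a binary is signed and whether Windows will trust it; the following PowerShell snippet is an added example (not posted by either commenter) showing how an administrator can inspect the Authenticode status of downloaded executables before running them. The folder path is an assumed placeholder.

```powershell
# Added example: report the Authenticode signature state of every .exe in a
# folder, so an admin can see which binaries are unsigned, signed by a cert
# that does not chain to a trusted root, or validly signed, and by whom.
param(
    # Assumed placeholder path; point this at the directory you want to triage.
    [string]$Folder = 'C:\Downloads\to-check'
)

Get-ChildItem -Path $Folder -Filter *.exe -File | ForEach-Object {
    # Get-AuthenticodeSignature validates the embedded signature and the
    # certificate chain against the local machine's trust stores.
    $sig = Get-AuthenticodeSignature -FilePath $_.FullName
    [pscustomobject]@{
        File        = $_.Name
        # Typical values: Valid, NotSigned, NotTrusted, HashMismatch, UnknownError
        Status      = $sig.Status
        # Subject of the signing (leaf) certificate; empty when the file is unsigned
        Signer      = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { '' }
        # A timestamp counter-signature keeps the signature valid after the
        # signing certificate itself expires.
        Timestamped = [bool]$sig.TimeStamperCertificate
    }
} | Format-Table -AutoSize
```

Note that a `Status` of `Valid` only means the signature and chain check out on this machine. As wiktor-k points out, SmartScreen reputation is a separate, cloud-side judgement: a freshly signed binary from a non-EV certificate can still produce the warning banner until it has accumulated reputation, and that reputation cannot be queried with this cmdlet.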