I'm trying to solve same problem with Microsoft UAC 'Unknown Publisher' messages that our users get.
When using -sign <certif.pfx> -signpw <password> I get a warning from hbmk2 ...
"hbmk2[instalar]: Advertencia: No se firmará el código, porque no se ha encontrado una herramienta soportada para firmar código."
Googled: ("hbmk2 [install]: Warning: Code will not be signed, because a supported tool for code signing was not found.")
Somebody knows wich are the supported tool(s) ?
If you found a free (or ats least economic) solution, can you share here?