The signed build not only has a signed and notarized _package_, but the binaries it installs are also signed and notarized.
A signed and notarized package can be installed by double-clicking without having to jump through any additional hoops, making it a better choice for scenarios where a manual install is needed/required.
But more importantly, a signed /usr/local/munki/managedsoftwareupdate binary makes it possible to use MDM configuration profiles to grant managedsoftwareupdate TCC permissions.
An alternative is to build the tools and package yourself and sign them with your own (or oyour organization’s) Developer ID.