Signing it verifies that the software was made by company that it says it was. It’s a method to avoid installing fake or malicious software. It is on its face a good thing, with the major caveat being who is in charge of who gets to sign what.