28 Jun
2018
28 Jun
'18
4:10 a.m.
Mere moments ago, quoth I:
The Right Way™ to handle this case for the layperson is to authenticode-sign the exe file, such that when you try to run it, Windows will verify the signature and tell you who it was signed by.
Also note that Windows normally only does this when apps request admin permission. Which is common but not mandatory for installers; I'm not sure which way these ones happen to be set up (since I couldn't download them). You can verify certificates on non-admin exes as well but you have to think to do this yourself; it won't happen automatically on launch.