Remove the code signing of builds on windows

[Alphrag]

Pre-flight Checklist

Please ensure you've completed all of the following.

• I have read the Contributing Guidelines for this project.
• I agree to follow the Code of Conduct that this project adheres to.

Description of Change

Remove the code signing step during the build on Windows.

Motivation and Context

The certificate we had to code sign our builds for Windows expired this week, which now prevents the build from completing on Windows.

Checklist

• My pull request is properly named
• The changes respect the code style of the project (pnpm prepare-code)

Release Notes

[fsacer]

isn't this kind of a security issue? I've always expected everything to be signed.

[vraravam]

Yes its kind of a security issue; or more specifically, the individual has to trust and verify that the checksums are correct. Unfortunately, we don't have contributors for the $$ needed to get the signing certs.

[Alphrag]

isn't this kind of a security issue? I've always expected everything to be signed.

The changes made last June by the certificate authorities forcing the use of hardware keys to hold code signing certificates mean that they have become very expensive to get and need a manual intervention by its owner at each build phase. For these two reasons, we have not been able to keep with signing the releases for Windows. So yes, it is a bit of a security downgrade, and using a self-signing certificate would only make things worse.

I have been looking into the Sigstore project, to see whether we could use it in order to sign our releases and to make them verifiable, but I haven't been able to make a full proof of concept to work with electron-builder yet. But if you know of other means, feel free to let us know (if so, it would be better to start a discussion and tag me there).