There are different types of trust, but at the very least with such a signature you can trust that the piece of software is really from Veracrypt and not from a malicious third party.

For one: Most if not all virus scanners.

A signature is a signal, not an absolute. Although, to be fair, if Microsoft (or most other CAs) had done a better job, then that trust would have carried more weight than it does currently.

Trust isn't binary, it's a spectrum. A signature is a signal that should increase trustworthiness. Not the strongest signal, perhaps even a weak one, but it's not zero.