Hacker News

seam_carver, yesterday at 8:01 PM (5 replies)

Isn't code signing even harder/more expensive on Windows?


Replies

GeekyBear, yesterday at 8:58 PM

The extended validation code signing certificate you need to avoid having your installer blocked by Windows SmartScreen is quite a bit more expensive.

https://stackoverflow.com/questions/48946680/how-to-avoid-th...

kivle, yesterday at 8:23 PM

Well, you can still run unsigned software (by clicking through to a bit of a hidden option in the popup dialog), and they also even remove that through "reputation" if enough people approve said binary (exact bitwise binary, so every new version released will go through the same issue).

justinclift, today at 12:02 AM

For Open Source Software, you can use SignPath for free: https://signpath.org

That's what we did for DB Browser for SQLite (sqlitebrowser.org), and it works well: https://sqlitebrowser.org/blog/signing-windows-executables-o...

SignPath also does stuff for commercial places too (https://signpath.io), but I have no idea of the pricing.

hermitcrab, yesterday at 9:43 PM

Signing on Windows is a pain in the arse and gets more expensive every year. I dread having to renew my certificate. Also they keep reducing the maximum certificate length, so you can't just do it once every 5 years, like you used to be able to.

I can't remember how difficult it was to set up my initial Apple developer account (trauma-related memory loss, perhaps) but it is dead simple to renew. Just pay the $99. I did it yesterday. Took about a minute.

ryandrake, yesterday at 9:16 PM

Yes, Windows is terrible, too. The entire desktop software world has lost its collective mind and the platforms are turning themselves into locked-down game consoles just so that grandma doesn't accidentally install malware.
