If I am understanding this correctly, the $99/year Apple Developer Program allows you to notarize applications for macOS so users do not receive the warning/damaged binary dialog. I simply had AI generate the signing code, and you can run that script on any CICD or on your machine and push the artifacts to a CDN. Works wonderfully for macOS, and users of my app have had no issues with it.

Let me know by replying here if you want me to share the build+sign code or have any questions.