Directly quoting the [wikipedia page for code signing](https://en.wikipedia.org/wiki/Code_signing#Providing_security):
Code signing is used on Windows and Mac OS X to authenticate software on first run, ensuring that the software has not been maliciously tampered with by a third-party distributor or download site.
So, why not sign it?