No, the lazarus inno installer is not code-signed (unfortunately)....
Assuming Windows here:
True, but there are issues: I have a code sign certificate, renewed when due, but due to rights issues ( on paper, not tight to machine(s) , that is a misconception) it would mean that every single binary and code has to be verified by me, me signing it and send the binary back.
That is pretty much undoable for one person: Every time somebody changes his code even by one byte or flag I have to do this all over again. But on request I signed some binaries a couple of years ago. In the mean time these binaries changed and I did NOT get full access to the code, which means I can no longer have responsibilty and therefor the author lost his capability to sign through me.
That made me abandon code signing for others too.
The signing itself is not difficult, but once you sign it is your legally valid autograph. People tend to forget that.
Note that a signed binary is signed forever, but you have to renew the certificate to sign every once in a while.
The only piece of software for I would make an exception is a piece of software written and maintained by a bunch of mostly 50+ year olds. (i.e. FPC itself) but I would probably donate the cost of a signing certificate, once.
That is because with signing comes a whole host of responsabilities.