List gets big over time, with dupes and all, would be great to be able to group apps signed by Microsoft or any other publisher (mostly MS though). Group by unsigned would also be super useful.
If complicated or going against your vision, adding a new “Publisher” column would be great. While it can be argued certs shouldn’t always be blindly trusted, i think hiding publisher/unsigned behind each binary is counterproductive for a visual firewall.
Would also avoid so many mistakes from people blocking Windows Update processes, thinking they’re super secure with their OS full of vulns.