I would argue that Windows checking certificate signatures provides a lot more safety to the vast majority of users than manually inspecting a bash script.