Yo douche bag: "To help protect users from malware, when an app is executed, Windows makes a determination on whether that app is trustworthy, and notifies the user if it is not. "
So it makes a check against a list of some sort. How hard would it be to get some malicious software signed. More importantly what about devices that are from a trusted source but are not signed. Can an admin out such devices on a white list or does Microsoft control a master list.
FTA: "This gives it a significant advantage over traditional anti-virus and app control technologies like AppLocker, Bit9, and others which are subject to tampering by an administrator or malware"
So it sounds like the admin is taken out of the loop. Need more details, which are lacking in the article. But I would not trust Microsoft to make those decisions for me.