Doesn't Windows have this already? If the installer isn't signed with a "trusted" certificate, you get a scary warning message. Or is the "hardware technology and virtualization" the new bit?
As long as the user has the option to override the warning and install anyway, you'll still get malware being installed.
This feature however seems more aimed at IT departments so they can lock down their users' machines to only run their definition of trusted software. How will it apply to standone or home users?