Don't you use nuget if you're a .NET developer? NPM or Grunt if you do front-end web development? They all use scripts that run with your full authority, and these are used daily by tens of thousands of software developers. People who manage popular NPM packages could probably do a lot of damage if they wanted to, just by uploading a new version that does something nefarious. It's like a road runner cartoon, and we've all walked off a cliff and just keep reassuring ourselves that everything will be fine as long as we don't look down.
Even non-developers use software they download from the internet, like browsers, e-mail clients, photo apps, and even office documents with macros that can trash their systems. It has nothing to do with time-crunches, it's just a reality in our world that people use programs for just about everything; that most of these programs come from sources most people wouldn't even begin to know how to verify, even with code signing; that, even if they did know how to verify a code signature, chances are this verification step would be meaningless because they probably don't know the person or entity who signed it; that even if they did know the person(s) who signed it, they have no idea if those persons themselves were somehow vulnerable to some attack which compromised their product.
The ultimate solution can only be found in ensuring that running programs that you know nothing about is inherently safe. Verifying the source of these programs is just a very poor proxy for that property. Fortunately, it's been proven to be achievable.