Probably not. SysAdmins tend to use remote installation methods like this one to push a software installation to a workstation, so the installation software needs a command line with switches interface to setup for automated silent installs.
https://learn.microsoft.com/en-us/troubleshoot/windows-serve...
It works well and saves a lot of time going around to individual workstations spread across multiple floors.
Considering things like GDPR and other data protection legislation around the world, I'm not aware how these CA's can verify identification documents because the companies or entities that make the documentation used for identification purposes cant give out your data, ergo they cant confirm or deny if the identification document is genuine or not.
And even if you did codesign your app, the end user company would probably hash your app and restrict its ability to use certain things on the computer in much the same way sandboxes do for web browsers.
Group Policy is one of the ways to lock an app's abilities down, but that's a job in itself if special GPO templates are not purchased to save on time.
eg https://learn.microsoft.com/en-us/windows-server/identity/so...
If you want the appearance of being genuine, I'd probably get a code signing cert, at the very least your users wont get the orange UAC prompt, especially if your app uses certain api's which required UAC elevation and/or also depending on your manifest file.
My work laptop is managed and wouldn't let me install my own software that isn't managed by IT if they hadn't modified it to let me log as an administrator since, as a software dev, I need to do all kinds of strange things to it.
I know people who work at some big banks in NYC where all software has to be approved and they managed to get approval to use a Python library I wrote that I think they install with pip.
