Wondering if digitally signing each new version of the SQL Developer EXE is feasible -- for the last two versions (18.1 and 18.2) I've had to go through a lot of rigmarole with the network and PC security folks because the EXE and DLLs are not signed by Windows and get rejected by our security software (Carbon Black) and therefore they must manually allow SQL Developer to run on every user's PC that wants to stay up to date with the latest version.
Not sure I understand why there is a problem.
Your org can sign, or do anything else it wants, with software it dowloads and wants to distribute.
All of the medium or larger orgs I have worked with in 30+ years distribute 3rd party software to their users centrally. They control WHAT software they use and what version of that software is available for them.
They have a group that does any actual downloading/verification/basic config in one central location and then prepare a file set for the users to access. The users NEVER download software and install it directly on their own machines. In many orgs that would be a fireable offense.
So please explain what it is, exactly, that you need help doing.
AH, yes, you are correct -- there is no issue -- things are sometimes backwards here. We do allow people to download and install themselves but it has to be on the "approved" list. They don't necessarily want to be in the software distribution business for all possible apps.
So yes, thanks -- not actually an issue.