Yeah, really silly that the legitimate binary for Handbrake isn't signed. Sure, if the intruder had compromised the hosting server then they might have also compromised the signing cert, but that's still an extra step.