Can you sign and notarize your own software made for internal use with your own infrastructure? If so, then this is a valid response. If not, then this is an irrelevant response because the issue is going through Apple, not the process being difficult or undocumented. If I own the device, then I should be free to decide what the sources of authority over it are.
Edit: I haven't tested it yet, but it does seem that you can sign an executable with your own certificate (self-signed or internal CA-issued) however you can't notarize it. Right now, notarization is only required for certain kinds of Apple-issued developer certificates, but that may change in the future.
Anecdotally, I was not able to find any way to notarize software for internal use, without paying for a $99 developer account. Though I would have been willing to pay, I know that others who might want to build the software wouldn’t, so I abandoned my project. I suppose I could have maintained it as open source with the developer account required to build, but it seemed disingenuous to me at the time.
Edit: I haven't tested it yet, but it does seem that you can sign an executable with your own certificate (self-signed or internal CA-issued) however you can't notarize it. Right now, notarization is only required for certain kinds of Apple-issued developer certificates, but that may change in the future.