BTW (just for information), VirusTotal has an “invalid-signature” tag at
https://www.virustotal.com/gui/file/7094a07167648628e47249a16d9d6db922e5aa1255ac4322a2e4900d233372dd?nocache=1
Ah sorry, I have just read this is normal for self-signed certificates.