We can actually just supply a custom signing module here to do our signing rather than manually signing things in the afterSign hook. This means all 4 executable files get signed (the main exe, the stub exe, Update.exe and the installer).
